There are currently, 20 guest(s) and 0 member(s) that are online.
You are Anonymous user. You can register for free by clicking here
Select Interface Language:
ISO 17799 Resources
There are now quite a few BS7799, ISO27001 and ISO 17799 portals on the web offering commercial tools & products. Possibly the most complete is ISO 17799 and ISO 27001 Central.
Call for Papers
We are shortly to launch a content section for papers and articles on ISO 17799 implementation, BS7799, AS4444, ISO 27001, UNE71502, and information security generally. If you have produced a paper and would like us to publish it, please contact us via the feedback form above.
ISO 27001, ISO 27002 & ISO17799 User Group: Forums
17799.Com :: View topic - A Practical Guide To Managing Information Security
Posted: Thu Sep 30, 2004 2:12 am Post subject: A Practical Guide To Managing Information Security
This is just a small message to make forum members aware of a new book in the area of information security management - "A Practical Guide to Managing Information Security", Steve Purser, Artech House (2004).
I wrote this book in response to questions that have been sent to me following conferences and seminars that I have given over the past few years. The goal of the book is to present what I believe are the major challenges in managing information security in modern commercial environments and to provide a set of practical methods and tools for meeting these challenges. By necessity, I have concentrated on what I consider to be the most important issues in today's environments and this is not a catalogue of security techniques.
In a nutshell, the book shows how to design and successfully implement an information security strategy, whilst still responding appropriately to short-term requirements. In order to do this, the book covers the following topics, using a case study to illustrate the method:
- A descrription of what I believe to be the major issues in today's environments.
- An overview of methods and tools currently available to managers.
- A description of the management approach
- How to define, agree and implement an information security strategy.
- How to use policy and standards effectively.
- How to improve the scalability and flexibility of the current process.
- How to design and implement an IT Security Architecture.
How to create a security-minded culture.
This is a book for practitioners and is based on real experience. I have made every effort to show where and why things can go wrong and how to avoid such problems. I hope it will help managers avoid the mistakes I made in the past.
Posted: Tue Nov 23, 2004 2:37 am Post subject: Where to get the book
The book is available at all the amazon stores and at several other online bookstores such as barnes & noble, bookpool etc. There are reviews on many of the amazon sites and it is possible to look inside the book at amazon.com. The book is not available as a PDF.
I have also posted some papers on specific subjects at the following sites: securitydocs.com, infosecwriters.com
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum