May 28 2020

ISO 27k reading list

Category: ISO 27k | DISC @ 1:12 pm

ISO 27k books reading list


Many ISO 27001 practitioners attend ISO 27001 Lead Implementer courses or buy an ISO 27001 toolkit to gain the practical knowledge and skills needed to develop an information security management system (ISMS). Some go further and secure a budget to call in an experienced ISO 27001 consultant to guide them through the process and help with the more complex aspects of the project. But most information security professionals start the journey by simply reading widely on the subject and doing the initial preparation on their own – a method that is not only cost effective, but also gives them a solid foundation for understanding what successful ISO 27001 delivery requires.

Below is a list of books that can help ISO 27001 practitioners prepare for ISO 27001 implementation.


Implementing the ISO 27001:2013 ISMS Standard



Authored by an internationally recognized expert in the field, this expanded, timely second edition addresses all the critical information security management issues needed to help businesses protect their valuable assets. Professionals learn how to manage business risks, governance and compliance. This updated resource provides a clear guide to ISO/IEC 27000 security standards and their implementation, focusing on the recent ISO/IEC 27001.
Moreover, readers are presented with practical and logical information on standard accreditation and certification. From information security management system (ISMS) business context, operations, and risk, to leadership and support, this invaluable book is your one-stop resource on the ISO/IEC 27000 series of standards.

Implementing the ISO/IEC 27001:2013 ISMS Standard 2nd Edition


ISO 27001 controls – A guide to implementing and auditing


Ideal for information security managers, auditors, consultants and organisations preparing for ISO 27001 certification, this book will help readers understand the requirements of an ISMS (information security management system) based on ISO 27001.

The ISO 27001 controls – A guide to implementing and auditing


ISO/IEC 27001 Master: Auditors & Implementers’ Guide


ISO/IEC 27001 Master is a book written to meet the combined needs of internal and external auditors as well as Lead Implementers, who need both the knowledge and skills to implement the ISMS and the skills to perform the audits. Written in simple and straightforward English, the book can be used by beginners as well as advanced learners. Besides being a practitioner’s guide, candidates and students preparing for their ISO 27001 certification examinations can also make use of the book, which provides a step-by-step guide to implementing the requirements of the ISO 27001 standard.

The ISO/IEC 27001 Master: Auditors & Implementers


Secure & Simple – A Small-Business Guide to Implementing ISO 27001 On Your Own


In Secure & Simple, Dejan Kosutic, an author and experienced information security consultant, gives away all his practical know-how on successful ISO 27001 implementation. Whether you’re new or experienced in the field, this book gives you everything you will ever need to implement ISO 27001 on your own.

Dejan provides examples of implementing the standard in small and medium-sized organizations (i.e. companies with up to 500 employees). It is written primarily for beginners in the field and for people with moderate knowledge of ISO 27001. Even if you do have experience with the standard, but feel that there are gaps in your knowledge, you’ll find this book very helpful.

Secure & Simple is the definitive guide for implementing and maintaining the most popular information security standard in the world. The author leads you, step-by-step, from an introduction to ISO 27001 to the moment your company passes the certification audit.

Secure & Simple – A Small-Business Guide to Implementing ISO 27001 On Your Own

ISO 27001 Handbook: Implementing and auditing an Information Security Management System in small and medium-sized businesses

This book helps you to bring the information security of your organization to the right level by using the ISO/IEC 27001 standard.

An organization often provides services or products for years before the decision is taken to obtain an ISO/IEC 27001 certificate. Usually, a lot has already been done in the field of information security, but after reading the requirements of the standard, it seems that something more needs to be done: an ‘information security management system’ must be set up.

ISO 27001 Handbook: Implementing and auditing

ISO IEC 27001 Lead Implementer A Complete Guide – 2020 Edition


Are breaches of any criminal or civil law and statutory, regulatory or contractual obligations and of any security requirements avoided? Ensuring the integration of the ISMS requirements into its business processes? What is the certification process for ISO 27001? Do you have documented statements of the ISMS policy and objectives? Are there any outdated operating systems running on any machines in the current environment?

Defining, designing, creating, and implementing a process to solve a challenge or meet an objective is the most valuable role… In EVERY group, company, organization and department.

Unless you are talking about a one-time, single-use project, there should be a process. Whether that process is managed and implemented by humans, AI, or a combination of the two, it needs to be designed by someone with a complex enough perspective to ask the right questions – someone capable of asking the right questions, stepping back and saying, ‘What are we really trying to accomplish here? And is there a different way to look at it?’

This Self-Assessment empowers people to do just that – whether their title is entrepreneur, manager, consultant, (Vice-)President, CxO etc. – they are the people who rule the future. They are the people who ask the right questions to make ISO IEC 27001 Lead Implementer investments work better.

This ISO IEC 27001 Lead Implementer All-Inclusive Self-Assessment enables You to be that person.

All the tools you need for an in-depth ISO IEC 27001 Lead Implementer Self-Assessment. Featuring 910 new and updated case-based questions, organized into seven core areas of process design, this Self-Assessment will help you identify areas in which ISO IEC 27001 Lead Implementer improvements can be made.

In using the questions you will be better able to:

– diagnose ISO IEC 27001 Lead Implementer projects, initiatives, organizations, businesses and processes using accepted diagnostic standards and practices

– implement evidence-based best practice strategies aligned with overall goals

– integrate recent advances in ISO IEC 27001 Lead Implementer and process design strategies into practice according to best practice guidelines

Using a Self-Assessment tool known as the ISO IEC 27001 Lead Implementer Scorecard, you will develop a clear picture of which ISO IEC 27001 Lead Implementer areas need attention.

Your purchase includes access details to the ISO IEC 27001 Lead Implementer self-assessment dashboard download which gives you your dynamically prioritized projects-ready tool and shows your organization exactly what to do next. You will receive the following contents with New and Updated specific criteria:

– The latest quick edition of the book in PDF

– The latest complete edition of the book in PDF, which criteria correspond to the criteria in…

– The Self-Assessment Excel Dashboard

– Example pre-filled Self-Assessment Excel Dashboard to get familiar with results generation

– In-depth and specific ISO IEC 27001 Lead Implementer Checklists

– Project management checklists and templates to assist with implementation


Every self-assessment comes with Lifetime Updates and Lifetime Free Updated Books. Lifetime Updates is an industry-first feature that allows you to receive verified self-assessment updates, ensuring you always have the most accurate information at your fingertips.
