Ely, United Kingdom, 20 August 2014. There is often a knowledge gap between information security managers trying to implement the ISO27001 standard and IT specialists using Windows® controls to develop secure computer systems. While each approach is valid, making them work together requires an understanding of both that many security professionals lack.
Using the guidance in this book, ISO27001 project managers can explain the best practice requirements of the Standard to technical security specialists in a way that they will quickly understand. In the same way, technical experts can use this book to gain a deeper understanding of ISO27001, making it easier for them to implement technical solutions that fulfil the requirements. This means that everyone on the project talks the same language, helping the team to work together more effectively.
Honan explains, “Having watched clients struggle to understand and grasp the concepts of ISO27001, and then having to further translate those concepts so that their technical IT personnel could appreciate what was required, I decided to write ISO27001 in a Windows® Environment to make that task easier for them.
“I decided that since the Microsoft® Windows® platform and various other Microsoft products are so commonly used in many organisations, I would base the technical details on those Microsoft® technologies. So began a long and interesting journey as I delved further into the workings of the Microsoft® Windows® operating system and Microsoft® Windows Server®, among various other products. This book shows how an IT manager can leverage the Microsoft® technology already available to them to support their implementation of the ISO27001 information security management standard.”
This third edition covers the latest version of the standard (ISO/IEC 27001:2013), as well as Windows® 7 and 8, and Microsoft® Windows Server® 2008 and 2012.