ISO 27001 Annex A Controls in Plain English

In this book, Dejan Kosutic, author and experienced information security consultant, is giving away his practical know-how on ISO 27001 security controls. No matter if you are new or experienced in the field, this book teaches you everything you need to know about security controls.

ISO 27001 Annex A Controls in Plain English is written primarily for beginners to ISO 27001, and for people with moderate knowledge about Annex A of the standard and the 114 security controls that are found in the Annex. It is structured in such a way that someone with no prior experience or knowledge about information security can quickly understand what they are all about; however, if you do have experience with ISO 27001, but feel that you still have gaps in your knowledge, you’ll also find this book very helpful.

Kosutic uses plain English to explain everything you need to know about security controls in ISO 27001, as well as the differences between the controls in Annex A of ISO 27001 and in ISO 27002. Also, you will learn everything about the crucial link between risk management and security controls, and get a complete overview of Annex A controls starting from the introduction, structuring of the documentation, and instructions on how to write detailed information security policies, all the way to the requirements for compliance.

Written in simple language and avoiding the technical jargon, ISO 27001 Annex A Controls in Plain English is the right book to start learning about the subject.