Information securityRisk assessment
The ISO/IEC 27001 standard
Format: e-book (epub, kindle, mobi, pdf and others) and hardcopy.
Price: 15,00 Euros (e-book), 20 Euros (hardcopy).
Pages: 333 (pdf), 353 (hardcopy).
Year: 2019 (first english edition).
ISBN: 9788829594399 (e-book) and 9780244149550 (hardcopy).
The book is on all on-line bookshops, usually in epub, kindle, mobi and other formats.
The publishers (self-publishing platforms) are
- Streetlib (https://stores.streetlib.com/) for the e-book (here you can also find the pdf in A4);
- Lulu (www.lulu.com) for the hardcopy (here there is a cheaper edition)
In this book, the following subjects are included: information security, the risk assessment and treatment processes (with practical examples), the information security controls.
The text is based on the ISO/IEC 27001 and ISO/IEC 27002 standards and on the discussions held during the editing meetings, attended by the author.
Appendixes include short presentations (on auditor managmeent, on ISO/IEC 27001 certifications, on Common Criteria and FIPS 140) and check lists (for change management and contracts).
The authorCesare Gallotti has been working since 1999 in the information security and IT process management fields and has been leading many projects in Italy, Europe, Asia and Africa, for companies of various sizes and market sectors.
He has been leading projects as consultant or auditor for the compliance with ISO/IEC 27001, ISO 9001, ISO/IEC 20000 or ISO 22301 and has been designing and delivering ISO/IEC 27001, privacy and ITIL training courses.
Some of his certifications are: Lead Auditor ISO/IEC 27001, Lead Auditor 9001, CISA, ITIL Expert and CBCI, CIPP/e.
Since 2010, he has been Italian delegate for the ISO/IEC JTC 1 SC 27 WG 1, i.e. the editing group for the ISO/IEC 27000 standard family.
Web: www.cesaregallotti.it; Blog: blog.cesaregallotti.it