If you are an infosec professional or student, or have any interest in the subject, you are very likely to have heard about ISO/IEC 27001:2013. What you may not know is that the 27K family is much, much bigger.
Currently there are 16 publications dedicated to the implementation and operation of an ISMS (Information Security Management System) aligned to international standards, and suitable for businesses of all sizes and verticals. According to the Brazilian National Information Security Survey, which I published last year, more and more Brazilian companies have been investing in and adopting the standard.
Reading ISO 27001 is mandatory for any security professional who wants to take a holistic view of how to approach the subject in a systematic way. The problem is that to access the Brazilian version of the standard there is a paywall of R$ 120.00, which is well suited for companies that want to have a certified ISMS, but can dissuade students and professionals who often end up using Jack Sparrow versions.
Well, since I cannot freely distribute 27001, how about another standard free of charge? Yes, that’s Digratis! That’s right: you do not have to pay anything to download a LEGAL and official ISO 27000 PDF, the same standard for which ABNT charges R$ 482.60 in its localized Portuguese version!
ISO/IEC 27000, Information security management systems – Overview and vocabulary, as the name implies, features an excellent vocabulary of common terms and definitions, such as confidentiality, integrity and availability, security policy, continuity and risk management, among others, used by all the other standards in the family. But that is not all! Other extremely interesting topics include:
- Definition of an Information Security Management System;
- Purposes and principles of the ISMS;
- The importance of ISMS / Information Security to organizations;
- Strategic definitions of how to establish, monitor, deploy and improve an ISMS;
- Critical success factors for adoption of the ISMS / information security in organizations;
- Benefits of using a standardized approach to an ISMS;
- How the standards in the 27K family are related.
To download the standard just CLICK HERE and agree to the terms on the site.
Enjoy your reading and share it with your friends (assuming you have any 🙁 )!