
Where to start from with ISO 27001

Author: Dejan Kosutic

If you’re just starting to learn about ISO 27001, or you were given the task to implement this cybersecurity standard and you do not have much experience, you’re probably wondering what to do first.

To help you find your way, we compiled this list of useful materials from 27001Academy, which will show you what needs to be done.

Materials to get you started

Here are a few materials that will help you understand what ISO 27001 is all about, and give you some simple tips on where to start:

Risk management materials

If you have already started your implementation, you have probably realized that the most complex step is the risk assessment and treatment. Here are a few materials you'll find useful:

Security controls (safeguards)

Although ISO 27001 is not a technical standard, it does provide a catalogue of 114 controls that you should consider implementing to mitigate potential incidents – here are some materials that will give you more insight into these controls:

ISO 27001 - Where to start: Most important materials

Writing the documentation

Writing policies and procedures is usually the hardest thing for most people – here are a few materials that will help you get started:

Setting up an ISO 27001 project

Because ISO 27001 is a rather complex standard, you need to make sure that you can complete the project successfully – here are a few materials on how to prepare and organize the implementation project:

So, yes, ISO 27001 probably sounds pretty complex at first glance – I hope we managed to clarify most of your doubts with these materials. Let us know in the comments below if you feel some other materials are needed.

Probably the best overview of ISO 27001 is in this free online training: ISO 27001:2013 Foundations Course.


About the author:

Dejan holds a number of certifications, including Certified Management Consultant, ISO 27001 Lead Auditor, ISO 9001 Lead Auditor, and Associate Business Continuity Professional. Dejan leads our team in managing several websites that specialize in supporting ISO and IT professionals in their understanding and successful implementation of top international standards. Dejan earned his MBA from Henley Management College, and has extensive experience in investment, insurance, and banking. He is renowned for his expertise in international standards for business continuity and information security – ISO 22301 & ISO 27001 – and for authoring several related web tutorials, documentation toolkits, and books.
