Below are attached the following resources:
- Practical ISMS Nov 12: Completed Course Slides – November 2012 (updated)
- ISMS Implementation Diagram
- ISO 27001 Reference List - articles, books and websites that may be of use
- Research Article: "Information Security Management: An Entangled Research Challenge" (about the lack of focus on the sociological aspects of the ISO 27001 ISMS)
- Research Article: "Perception of risk and the strategic impact of existing IT on information security strategy at board level"
- Research Article: "A security standards’ framework to facilitate best practices’ awareness and conformity" - The aim of this paper is to facilitate the awareness of information security practitioners regarding globally known and accepted security standards, and thus, contribute to their adoption.
- Research Article: "An integrated view of human, organizational, and technological challenges of IT security management" - This paper reports on the challenges that security practitioners face within their organizations. Our results not only validate and extend other studies that address challenges facing security practitioners, but also provide an integrated framework that classifies these challenges. This framework can help organizations identify their limitations with respect to implementing security standards and determine if they are spending their security resources effectively. It also provides a way to understand how different factors interplay, for example, how the culture of the organization and decentralization of IT security trigger security issues that make security management more difficult.