New Book Demystifies ISO 27001 Compliance

Aug. 23, 2006
'International IT Governance' authored by Alan Calder and Steve Watkins

London, England - August 23, 2006 -- With US businesses and organisations coming under intense regulatory pressure to secure their data and IT systems, a timely new management book explains in clear language how to create a world-class information security management system that addresses US regulatory requirements and complies with the new global ‘gold standard’ for information security, ISO 27001.

‘International IT Governance: An Executive Guide to ISO 17799/ISO 27001’ is written by leading IT security experts Alan Calder and Steve Watkins. The book provides comprehensive, executive-level guidance for the creation of an information security management system conforming to ISO 27001/ISO 17799, thereby ensuring that corporate data is secure, information assets are protected and regulations are complied with. The book is based on the authors’ existing, definitive guide to ISO 27001 compliance, which is recommended by the UK’s Department of Trade and Industry, the Institute of Directors and the Open University. The work has been extensively revised to address US regulatory regimes including HIPAA, GLBA, SB 1386 and other state breach-notification laws, PIPEDA, FISMA and the US-EU Safe Harbor framework.

By establishing an ISO/IEC 27001-certified information security management system, an organisation puts in place the general control environment that is essential for a successful SOX Section 404 report. Achieving this certification is significantly less costly than an SAS 70 audit (which frequently costs more than $100,000) and demonstrates to existing and potential customers, as well as to regulators, that the organisation maintains a best-practice information security infrastructure.

‘International IT Governance’ is based on Alan Calder’s experience of leading the world’s first successful implementation of BS 7799, the standard on which the new ISO 27001 is based. Commenting on the new book, he said, “US organisations are becoming very aware of the potential business benefits of a robust information security management system. However, until now it has been difficult for C-suite executives to gain a clear overview of the practical issues and regulatory concerns as they apply in the US. ‘International IT Governance’ fills this knowledge gap and provides executives with an express route to securing information assets and satisfying regulators at comparatively little cost.”

‘International IT Governance: An Executive Guide to ISO 17799/ISO 27001’ (priced at $80.00) is published by Kogan Page and may be purchased at all good bookstores. It may also be purchased online at The book comes complete with a free six-month subscription to IT Governance’s exclusive subscriber KnowledgeBase, which enables readers to keep on top of developments and changes in the subject matter of the book after its publication.