The information security management system (ISMS) standard ISO/IEC 27001 encourages organisations to bring technical decision making about information security controls into a business-driven, risk-based framework. This challenges all parties involved in information security management to communicate effectively about effective security control implementation, especially between technical and non-technical staff.
The guide’s author, Brian Honan, is widely recognised as an industry expert on information security and, in particular, on the ISO27001 information security standard.
A member of the Information Systems Security Association, the Irish Information Security Forum, and the Information Systems Audit and Control Association, Brian established Ireland’s first ever national Computer Security Incident Response Team.
“Written in non-technical language and in a style that makes its content accessible to non-technical ISO27001 project managers, Brian’s invaluable study will give IT security practitioners the information and knowledge they need,” says Alan Calder, Chief Executive of the book’s publishers, IT Governance.
IT Governance is ‘non-geek’, approaching IT issues from a non-technology background and talking to management in its own language.
http://www.emediawire.com/releases/2009/2/emw2084414.htm