The subject is coming out from the requirements of the information security management system and gives the basic survey of the specifications which are necessary to fulfil for successful implementation.
Literature
[1] ISO/IEC 27001 Information technology — Security techniques — Information security management systems — Requirements, ISO, Geneva, Switzerland.
[2] Edward Humphreys & Angelika Plate, BIP 0071:2005: Guidelines on requirements and preparations for ISMS certification based on ISO/IEC 27001, BSI London, UK.
Advised literature
[1] ISO/IEC 27005 Information technogy - Security techniques - Information security management system - Risk management.