Implementation Guideline ISO/IEC 27001:2013 (English Translation)

The Implementation Guideline ISO/IEC 27001:2013, developed by the Information Security Expert Group of the ISACA Germany Chapter, provides practical recommendations and guidance for organizations that already operate, or intend to establish, an information security management system (ISMS) according to the international standard ISO/IEC 27001:2013, with or without certification.

The guide provides pragmatic support and advice to all stakeholders involved in setting up and/or operating an ISMS. It highlights the advantages of an ISMS that is customized to organizational needs while remaining standard-compliant. In particular, it presents practical recommendations for establishing ISMS processes or increasing the maturity level of existing ones, as well as typical examples of implementing various requirements.