New Beginner ISO 27001

smiahsmiah Member Posts: 25 ■□□□□□□□□□
I have been working in I.T. for 10 years as Systems Manager/Security Administrator.
I'm now thinking of moving to the security consultant side.
I have been doing some research and found ISO 27001 is a good certification for job/career. I am new to this as a beginner.
I will be doing self-study at my own cost and found 2 books on Amazon:

Amazon.com: IT Governance: A Manager's Guide to Data Security and ISO 27001 / ISO 27002 (9780749452711): Alan Calder, Steve Watkins: Books
&
http://www.amazon.com/Nine-Steps-Success-Implementation-Overview/dp/1905356129/ref=sr_1_3?ie=UTF8&s=books&qid=1272372467&sr=8-3

1) Can anyone please suggest any good materials/books/sites to help achieve this certification?

2) If you have done this certification, please share the experience. Is it a very difficult job? How intensive is the course? Is home-based study good enough or is a course a must?

3) Is there any exam involved? If yes, what's the exam number?

Please send me as much information/advice on ISO 27001 as you can.
Thanks for looking at this

Comments

  • eMeSeMeS Member Posts: 1,875 ■■■■■■■■■□
    smiah wrote: »
    1) Can anyone please suggest any good materials/books/sites to help achieve this certification?

    2) If you have done this certification, please share the experience. Is it a very difficult job? How intensive is the course? Is home-based study good enough or is a course a must?

    3) Is there any exam involved? If yes, what's the exam number?

    Thanks for looking at this

    The ISO 27000 series is an organizational certification. Organizations achieve it by meeting what are called "shalls" in the standard. This is not something an individual can achieve. Organizations achieve 27000 series certification as the result of a series of formal audits.

    However, Exin offers a number of certifications that certify an individual's knowledge and understanding of the ISO 27000 series at foundational and advanced levels. You can read information about them here: ISO/IEC 27000 - EXIN Exams

    I do not know of anyone on this site that has completed these exams. I receive a discount through Exin on all of their exams, and I do plan to eventually complete their ISO 27000 series exams, but have not scheduled anything yet.

    I am not aware of any study material available for these exams, other than the relevant ISO publications. Then again, I haven't looked too hard for anything as I've found that the best thing to study for any type of ISO-related exam is the actual ISO standards themselves.

    MS
  • JDMurrayJDMurray Admin Posts: 13,091 Admin
    Here's the explanation of how ISO uses the terms certification, accreditation, and registration: ISO - Management standards - Certification
  • down77down77 Member Posts: 1,009
    You may also want to look into the GIAC G7799 if you are interested in ISO 27000 certifications.
    CCIE Sec: Starting Nov 11
  • smiahsmiah Member Posts: 25 ■□□□□□□□□□
    down77 wrote: »
    You may also want to look into the GIAC G7799 if you are interested in ISO 27000 certifications.

    I am looking for a beginner's guide on ISO 27001 on Foundation and Advanced.
    Has anybody used any books which give a step-by-step guide and best practice without going on an expensive course?

    thanks
  • down77down77 Member Posts: 1,009
    Depending on the information you are looking for, here is a good site to get started:

    ISO27k infosec management standards

    You may want to take a look at a few of the following texts to assist you in your pursuit of ISO 27000/27001 knowledge:

    * Arnason, S. T., & Willet, K. D. (2008). How to achieve 27001 certification: An example of applied compliance management. Auerbach Publications. ISBN: 9780849336485
    * Calder, A., & Watkins, S. (2008). IT governance: A manager's guide to data security and ISO27001/ISO 27002. (4th ed.). Kogan Page. ISBN: 9780749452711

    Hope this helps.
    CCIE Sec: Starting Nov 11