InfoSec Reviews – ISO27000 and Information Security

Book Title: ISO27000 and Information Security: A Combined Glossary

Authors: Alan Calder, Steve G Watkins

Publisher: IT Governance Publishing

Date of Publishing: 2nd Edition 2010

ISBN(13): 9781849280419

Price (UK&US price – full price, not discounted price): £14.99

URL of Publisher Site:

URL of Amazon UK web page: ISO27000 & Information Security

URL of Amazon US web page:

ISO27000 and Information Security: A Combined Glossary is a very simple book and at only 114 pages it's not going to teach you how to implement 27001 or any of the 27000 family of standards. If you don't already have a decent understanding of the topic this certainly isn't the book for you. However, if you are a security consultant who needs to implement the ISO27001 standard, or you are employing a security consultancy to help you implement it, then this is most definitely the book for you. To put it simply, it's a neat, pocket-sized dictionary that defines all the words, phrases and abbreviations that you need to know (and the ones you don't know but are too embarrassed to ask).

ISO27000 and Information Security: A Combined Glossary doesn't explain how to actually do anything, it doesn't explain the issues you will need to resolve, it doesn't even explain the words in any great detail, but what it does give you is just enough detail to work out what each term means from your own knowledge. This is why this book is so valuable. Some of the definitions are not perfect; however, they provide enough detail to get the job done and in some cases are quite entertaining, for example: a script kiddie is defined as a hacker who hasn't qualified for his hat.

Every security consultant worth his or her salt should have a copy of this book living in their laptop bag. It’s well written, simple and does exactly what it’s designed to do; and if you have a client that is struggling to understand the mumbo jumbo you are talking as an ISO27000 expert, give them your copy and get another – it will save you a lot of time.

This is a simple, easy-to-use dictionary for Governance and Security. Considering its pocket size, it's well worth it to be able to quickly look up abbreviations and words. Of all the IT and security books I have, this is the only one that permanently lives in my laptop bag.

Marks: 5 out of 5