I am delighted to see that the revised version of my book has now been released.  The book is “ISO 27001 In a Windows Environment” and has been revised to include the security features in Microsoft’s Windows 7 operating system.

It is available to buy from the IT Governance’s website.    As the overview on the IT Governance website explains;


“The vast majority of ISO27001 implementations will, to one extent or another, take place in a Windows environment. ISO27001 project managers are not always Microsoft technical experts, but a large number of the ISO27001 controls require a technical implementation. Bridging the gap between non-technical ISO27001 project managers and IT specialists, this book explains what the controls are, and describes how to implement them in a Windows environment, equipping the ISO27001 project manager to succeed with the implementation.

MCSEs who have security training (MCSE Security), but who may not understand the ISO27001 approach to selecting and implementing controls, will also benefit from this book. It provides them with the necessary rationale and links their technical understanding of Microsoft information security controls into the international best practice framework for information security. This book should be a core part of the technical library of every MCSE and information security practitioner. If you have a CISSP, CISM, GIAC, or another professional certification, you should read this book.”

If you are looking to implement ISO 27001 in your organisation and wondering how to use the inbuilt security features within Windows to apply the standard’s technical controls then this book can help you.