Information security means much more than a technology solution, and requires buy-in from senior managers and the collaboration of all staff in the organisation. By looking at ISO27001 and ISO27002 together, this pocket guide gives a wider view of what it means to implement an ISO27001 ISMS.