This afternoon I turned my attention to books I can buy, so I have been browsing through anything that Amazon has to offer on any of the three standards. I am focussing particularly on ones written with smaller to mid-sized businesses (as opposed to corporates) in mind.
There is a lot on ISO 9001, less on ISO 14001 and comparatively little on ISO 27001. Restricting my searches to books specifically for SMEs doesn’t yield much. Google Books is handy for peeking inside several of the titles I see on Amazon to see if they are relevant. The majority of the books are academic in their approach or talk about management theory. They talk about the models one should use and the considerations one should take into account – but there’s so, so little on practical applications – particularly for an SME.
In the end I buy two books for a total price of about £80.
- ISO9001:2000 for Small Business by Ray Tricker and
- IT Governance: A Manager’s Guide to Data Security and ISO 27001/ ISO 27002 by Alan Calder
The big potential advantage with the latter is that it was very recently published so it should be up to date.
Based on diary entries