Coming in 2020: ISO 27001 Common Body of Knowledge:

The Authoritative Guide for the Design, Development, Implementation and Maintenance of an Information Security Management System
  • Structured Approach - the contents of the book follow our structured methodology for the end-to-end design, development, implementation and maintenance of your ISO 27001:2013 based information security management system.
  • Official Course Study Guide - The Information Security Leadership Forum's official study guide for the Certified ISO 27001 Lead Implementer's course.
  • Insightful Information - as the book progressively goes through each stage of the methodology, insightful information is provided to help the reader understand examples of audit artifacts that certification auditors may be looking for during a gap assessment or certification audit.

Complete and submit to receive E-mail updates on the book's 2020 pending release and other exciting news from CIMA


Sam Young

CISO - HID Global

"Both times led to fantastic results and memorable experiences."

"I've worked with numerous vendors and Timothy (CIMA) is one that I keep on my permanent list. He has expert knowledge on the subject of Information Security and the breadth of his real-world experience has been a world of help to us. We hired Timothy (CIMA) to train our team on ISO 27001 and then later on Information Security consulting work. Both times led to fantastic results and memorable experiences. I highly recommend Timothy and his company to those embarking on or enhancing Information Security."

"... I knew I could count on him to come and train my staff which ultimately led to a 100% pass rate for the Certified ISO 27001 Lead Implementer Exam."

"Timothy is the consummate professional. His depth of knowledge in the field of information security is very rare in the industry. When I was in a pinch to build internal capacity to support a large ISO 27001 implementation, I knew I could count on him to come and train my staff which ultimately led to a 100% pass rate for the Certified ISO 27001 Lead Implementer Exam. Not only is he an outstanding trainer, he is also a brilliant consulting talent that can help a company of any size develop their information security strategy. I highly recommend Timothy for any Information Systems Security related engagement and I know he will excel and exceed expectations!"

Francis Blay

CISO - GEICO Insurance

Lisa Picard

Snr. Security Engineer / ISMS Program Leader - F5 Networks

"... my all-time favorite trainers and information security service providers."

"Timothy Phillips’ ISO expertise, training and communication style, and deep understanding of international, public and private sector information security practices, made him one of my all-time favorite trainers and information security service providers. The ISO/IEC 27001 Lead Implementer and Lead Auditor courses he delivered were both outstanding. Timothy is a solid professional, easy to work with, and a great teacher. I joined the Information Security Leadership Forum he founded to complement the professional development I gain from ..."

The ISO 27001 Common Body of Knowledge is:

Comprehensive: Experience-based Knowledge

Unlike many publications on the market that are academic exercises, this book draws on 20+ years of experience using the ISO 27001 standard since its early years as BS 7799. It is infused with countless tips and tricks that only come from years of experience working with the standard.

Practical: A Structured Methodology to Follow

One of the biggest challenges for seasoned information security and non-security professionals alike is the absence of clear and concise guidance on how to approach the implementation of an information security management system based on ISO 27001. In this book, the author shares his structured methodology to do just that.

Insightful: Learn What Certification Auditors are Looking for to Ensure Your Business Goals are Achieved

The ISO 27001 CBK is written by the author of the Information Security Leadership Forum's Certified ISO 27001 Lead Auditor course and highlights, throughout the book, example audit artifacts expected by certification auditors.

Trustworthy: A Peer-Reviewed Industry Reference You Can Trust

To ensure completeness and validation, the book underwent a peer review by information security leaders in 5 countries around the world. 

About the Author: Timothy Phillips, CD

Timothy Phillips is a career information security professional who has served as an ADP Security and Investigative Specialist in the Canadian Department of National Defence, served the clientele of PwC and IBM Global Services, and served as Chief Information Security Officer for global healthcare and financial services companies, before establishing the Center for Information Management and Assurance (CIMA). He is also the Founder of the Information Security Leadership Forum.

The Official Study Guide for the Information Security Leadership Forum's Certified ISO 27001 Lead Implementer Course

A must-have reference for CISOs and others managing an ISO 27001-based information security program.

This book is a companion reference to the Student Binder for the Forum's Certified ISO 27001 Lead Implementer's Course.

You can also check for release updates on the Information Security Leadership Forum's website.