The book explores information security concepts and applications from an organizational information perspective and explains the process of audit planning and preparation. It further demonstrates audit techniques and collecting evidence to write important documentation by following the ISO 27001 standards.