Risk assessment is, in fact, the core competence of information security management.
All organizations today have to respond to a rapidly changing and increasingly threatening range of information security risks – risks which can, if unmitigated, lead to severe financial, regulatory and reputational damage for organizations. Information security investment and control decisions should be specifically driven by the outcome of a risk assessment process that identifies risks to specific information assets.
This book provides clear, practical and comprehensive guidance on developing a risk management methodology that meets the requirements of ISO27001, the information security management standard, and how to carry out a risk assessment that will help achieve corporate risk management objectives.
While this book's detailed guidance will enable anyone to carry out an ISO27001-compliant risk assessment, it also draws on the complementary guidance of ISO 17799, BS7799-3, ISO 13335-3, NIST SP 800-30 and the UK's Risk Assessment Standard to provide the most comprehensive information security risk assessment, analysis and management manual available.
It is essential reading for anyone involved generally in enterprise risk management and in information security specifically.
Authors: Alan Calder & Steve Watkins
Publisher: IT Governance Publishing
Format: Soft Cover
Other Formats: Electronic Download
ISBN: 9781905356232
Pages: 196
Published Date: 16/04/2007
Availability: Ex Stock
