All organizations face risks to information and information assets. Many organizations seek to identify and control those risks, usually as part of a structured approach to information security risk management.
ISO/IEC27001:2005 is an international standard specification for an Information Security Management System (or ‘ISMS’). Organizations that develop an ISMS in line with the specification ISO27001 can receive external, third-party certification that their ISMS conforms to the standard, and such a certificate can have significant commercial, financial and compliance benefits. ISO/IEC17799:2005 is the international Code of Practice for information security; it provides detailed guidance to support the specification contained in ISO27001 but is not, itself, a specification.
Risk assessment is at the heart of risk management, and the two together form the core competences of information security management. ISO27001 specifies a series of steps that must form part of the risk assessment. While a number of people in the organization will have a role to play in respect of risk assessment, these steps include a specific role for what the standard describes as ‘asset owners’.
This Pocket Guide to the ISO27001 risk assessment is designed to assist asset owners and others who are working within an ISO27001/ISO17799 framework to deliver a qualitative risk assessment. It also conforms with the guidance provided in BS7799-3:2006 and NIST SP 800-30.
Here are the contents of this book.
With the IT Governance brand behind it, this pocket guide brings the authority of external, recognised expertise and helps underline the message that information security is important. A small investment here is another indicator of management’s commitment to both information security and achieving ISO 27001 certification.
Authors: Alan Calder, Steve Watkins
Publisher: IT Governance Publishing Ltd
Format: Electronic Download (1.55MB Zipped .PDF, governed by ITGP's Copyright Terms and Conditions)
Other Format: Soft Cover
or ITGP Pocket Guides Complete Set (Download)
ISBN: 9781905356294
Pages: 48
Published Date: May 07
Availability: Immediate Download
Purchase and download this essential new pocket guide today!
