This book is a pocket guide to the ISO27001 risk assessment, designed to assist asset owners and others who are working within an ISO27001/ISO17799 framework to deliver a qualitative risk assessment. It conforms with the guidance provided in BS7799-3:2006 and NIST SP 800-30.
All organizations face risks to information and information assets. Many organizations seek to identify and control those risks, usually as part of a structured approach to information security risk management.
Risk assessment is at the heart of risk management, and the two together form the core competences of information security management. ISO27001 specifies a series of steps that must form part of the risk assessment. While a number of people in the organization will have a role to play in respect of risk assessment, these steps include a specific role for what the standard describes as ‘asset owners’.
This book covers:
- Information Security Risk Management
- Definitions
- Asset Owners
- Overview of the Risk Assessment Process
- Asset Identification
- Threats and Vulnerabilities
- Asset Valuation
- Risk Level
- Risk Treatment and Control
- Statement of Applicability and Risk Treatment Plan
- Reviewing the Risk Assessment
Familiarise yourself with ISO27001 risk assessments and order this essential pocket guide today for immediate download.
Author: Alan Calder, Steve Watkins
Publisher: IT Governance Publishing Ltd
Format: Adobe eBook
ISBN: 9781905356294
Pages: 48
Published Date: May 07
Availability: Always Available
