ISO 27001 requires the organisation to produce a set of reports, based on the risk assessment, for audit and certification purposes.
Download this informative guide to risk assessment and ISO 27001 to discover:
- The three stages of the ISO 27005 risk assessment process: risk identification, analysis and evaluation;
- Risk assessment and the ISO 27001 Statement of Applicability;
- How to use risk assessments to achieve maximum benefits from minimum security costs; and
- How risk assessments fit into the continuous improvement cycle.