Free Download: Risk Assessment and ISO 27001
An ISO 27001-compliant information security management system (ISMS) developed and maintained according to risk acceptance/rejection criteria is an extremely useful management tool, but the risk assessment process is often the most difficult and complex aspect to manage, and often requires external assistance.
This green paper seeks to explain and unravel some of the issues surrounding the risk assessment process.
The three stages of the ISO 27005 risk assessment process: risk identification, analysis and evaluation
Risk assessment and the ISO 27001 Statement of Applicability
How to use risk assessments to achieve maximum benefits from minimum security costs
How risk assessments fit into the continuous improvement cycle
Request a free demonstration of vsRisk risk assessment software to discover how it can save you time and money
ISO 27001 explicitly requires compliant organisations to carry out risk assessments based on agreed risk acceptance criteria that must be used when analysing risk.
Risk assessment enables expenditure on controls to be balanced against the business harm likely to result from security failures.
Download this free green paper today to find out how risk assessments fit into in your ISO 27001 project.