Your shopping cart is currently empty.
ISO/IEC 27005:2022, Information security, cybersecurity and privacy protection – Guidance on managing information security risks.
ISO/IEC 27005:2022 provides guidelines for information security risk management. Knowledge of the concepts, models, processes, and terminologies described in ISO 27001 and ISO 27002 is important for a complete understanding of this standard.
This document supports the main concepts specified in ISO 27001 and is designed to assist with the implementation of information security based on a risk management approach.
This document applies to all types of organisations (e.g. commercial enterprises, government agencies, non-profit organisations) that intend to manage risks that can compromise their information security.