Information Security Risk Management for ISO 27001 / ISO 27002, Third Edition
- 2h 6m
- Alan Calder
- IT Governance
- 2019
Ideal for risk managers, information security managers, lead implementers, compliance managers and consultants, as well as providing useful background material for auditors, this book will enable readers to develop an ISO 27001-compliant risk assessment framework for their organisation and deliver real, bottom-line business benefits.
In this Book
-
Introduction
-
Risk Management
-
Risk Assessment Methodologies
-
Risk Management Objectives
-
Roles and Responsibilities
-
Risk Assessment Software
-
Information Security Policy and Scoping
-
The ISO 27001 Risk Assessment
-
Information Assets
-
Threats and Vulnerabilities
-
Scenario-Based Risk Assessment
-
Impact, Including Asset Valuation
-
Likelihood
-
Risk Level
-
Risk Treatment and the Selection of Controls
-
The Statement of Applicability
-
The Gap Analysis and Risk Treatment Plan
-
Repeating and Reviewing the Risk Assessment
-
Further Reading
SHOW MORE
FREE ACCESS
PEOPLE WHO VIEWED THIS ALSO VIEWED THESE
Audiobook
ISO27001/ISO27002: A Pocket Guide