Information Security Risk Management for ISO 27001 / ISO 27002, Third Edition

  • 2h 6m
  • Alan Calder
  • IT Governance
  • 2019

Ideal for risk managers, information security managers, lead implementers, compliance managers and consultants, as well as providing useful background material for auditors, this book will enable readers to develop an ISO 27001-compliant risk assessment framework for their organisation and deliver real, bottom-line business benefits.

In this Book

  • Introduction
  • Risk Management
  • Risk Assessment Methodologies
  • Risk Management Objectives
  • Roles and Responsibilities
  • Risk Assessment Software
  • Information Security Policy and Scoping
  • The ISO 27001 Risk Assessment
  • Information Assets
  • Threats and Vulnerabilities
  • Scenario-Based Risk Assessment
  • Impact, Including Asset Valuation
  • Likelihood
  • Risk Level
  • Risk Treatment and the Selection of Controls
  • The Statement of Applicability
  • The Gap Analysis and Risk Treatment Plan
  • Repeating and Reviewing the Risk Assessment
  • Further Reading
SHOW MORE
FREE ACCESS

YOU MIGHT ALSO LIKE

Course CRISC 2023: Risk Case Studies
Rating 5.0 of 2 users Rating 5.0 of 2 users (2)
Course CISM 2022: Business Continuity & Security
Rating 4.6 of 21 users Rating 4.6 of 21 users (21)
Book Risk Management and ISO 31000: A Pocket Guide

PEOPLE WHO VIEWED THIS ALSO VIEWED THESE

Course Welcome to the Leadership Development Program
Rating 4.5 of 2861 users Rating 4.5 of 2861 users (2861)
Course AWS SysOps Associate: Securing AWS Resources & Data
Rating 4.6 of 62 users Rating 4.6 of 62 users (62)
Book ISO 27001 Controls: A Guide to Implementing and Auditing