Description
All organizations face risks to information and information assets. Many organizations seek to identify and control those risks, usually as part of a structured approach to information security risk management. Risk assessment is at the heart of risk management, and the two together form the core competences of information security management. ISO27001 specifies a series of steps that must form part of the risk assessment. While a number of people in the organization will have a role to play in respect of risk assessment, these steps include a specific role for what the standard describes as 'asset owners'.
This book covers:
* Information Security Risk Management
* Definitions
* Asset Owners
* Overview of the Risk Assessment Process
* Asset Identification
* Threats and Vulnerabilities
* Asset Valuation
* Risk Level
* Risk Treatment and Control
* Statement of Applicability and Risk Treatment Plan
* Reviewing the Risk Assessment
Published: 30 Jul 2007
Publisher: IT Governance
ISBN: 9781905356263
Pages: 42