All organizations face risks to information and information assets. Many organizations seek to identify and control those risks, usually as part of a structured approach to information security risk management. Risk assessment is at the heart of risk management, and the two together form the core competences of information security management. ISO27001 specifies a series of steps that must form part of the risk assessment. While a number of people in the organization will have a role to play in respect of risk assessment, these steps include a specific role for what the standard describes as asset owners.

This book covers:

* Information Security Risk Management
* Definitions
* Asset Owners
* Overview of the Risk Assessment Process
* Asset Identification
* Threats and Vulnerabilities
* Asset Valuation
* Risk Level
* Risk Treatment and Control
* Statement of Applicability and Risk Treatment Plan
* Reviewing the Risk Assessment
IT Governance Publishing