Information Security Risk Management for ISO 27001/ISO 27002, Third Edition

Plan and carry out a risk assessment to protect your information Information Security Risk Management for ISO 27001 / ISO 27002: Provides information security and risk management teams with detailed, practical guidance on how to develop and implement a risk assessment in line with the requirements of ISO 27001. Draws on national and international best practice around risk assessment, including BS 7799-3:2017 (BS 7799-3). Covers key topics such as risk assessment methodologies, risk management objectives, information security policy and scoping, threats and vulnerabilities, risk treatment and selection of controls. Includes advice on choosing risk assessment software. Ideal for risk managers, information security managers, lead implementers, compliance managers and consultants, as well as providing useful background material for auditors, this book will enable readers to develop an ISO 27001-compliant risk assessment framework for their organisation and deliver real, bottom-line business benefits.


If you want to support my blog, then you can buy a premium account through any of my files (i.e. on the download page of my book). In this case, I get a percent of sale and can continue to delight you with new books!