Book description
Ideal for risk managers, information security managers, lead implementers, compliance managers and consultants, and useful as background material for auditors, this book will enable readers to develop an ISO 27001-compliant risk assessment framework for their organisation and deliver real, bottom-line business benefits.
Table of contents
- Cover
- Title
- Copyright
- About the Author
- Contents
- Introduction
- Chapter 1: Risk management
- Chapter 2: Risk assessment methodologies
- Chapter 3: Risk management objectives
- Chapter 4: Roles and responsibilities
- Chapter 5: Risk assessment software
- Chapter 6: Information security policy and scoping
- Chapter 7: The ISO 27001 risk assessment
- Chapter 8: Information assets
- Chapter 9: Threats and vulnerabilities
- Chapter 10: Scenario-based risk assessment
- Chapter 11: Impact, including asset valuation
- Chapter 12: Likelihood
- Chapter 13: Risk level
- Chapter 14: Risk treatment and the selection of controls
- Chapter 15: The Statement of Applicability
- Chapter 16: The gap analysis and risk treatment plan
- Chapter 17: Repeating and reviewing the risk assessment
- Appendix 1: vsRisk Cloud
- Appendix 2: ISO 27001 implementation resources
- Appendix 3: Books by the same authors
- Further reading
Product information
- Title: Information Security Risk Management for ISO 27001/ISO 27002, third edition
- Author(s):
- Release date: August 2019
- Publisher(s): IT Governance Publishing
- ISBN: 9781787781382