CHAPTER 5: RISK ASSESSMENT SOFTWARE

There are software tools that have been designed to assist in risk assessment and, although their use is not mandatory in the standard, it is practically impossible to carry out and maintain a useful risk assessment for an organisation that has more than about four workstations without using such a tool. It is essential that the risk assessment be completed methodically, systematically and comprehensively. An appropriate software tool, designed with ISO27001 in mind and kept up to date in terms of changing information security issues, can be effective in this process.

This is because the risk assessment is a complex and data-rich process. For an organisation of any size, the only practical way to carry it out ...
