ISO27001 in a Windows® Environment: The best practice handbook for a Microsoft® Windows® environment, Second Edition

by Brian Honan
April 2010
Content level: Intermediate to advanced
310 pages
3h 35m
English
IT Governance Publishing
Content preview from ISO27001 in a Windows® Environment: The best practice handbook for a Microsoft® Windows® environment, Second Edition

Chapter 5. Conducting A Risk Assessment

Running and managing an ISMS effectively requires the system to be based on a solid risk assessment and subsequent risk management disciplines. This means you need a formal process to identify the different types of information security risks to your information assets and to rate them in terms of their impact and likelihood of occurrence.

Once you have identified all the appropriate information security management risks, you need to put in place a formal process to assess and manage those risks. It is important that this process is one you can repeat at regular intervals in order to re-evaluate the risks.

Before we conduct a risk assessment, we need to understand what we ...

ISBN: 9781849280495