Nine Steps to Success: An ISO27001:2013 implementation overview by Alan Calder

CHAPTER 6: RISK MANAGEMENT

Risk assessment is at the heart of the ISMS. Understanding its significance to the overall process is critical, and is one of the keys to project success. The board adopts an information security policy because there are a number of significant risks to the availability, confidentiality and integrity of the organisation’s information, and it mandates the design and deployment of an ISMS in order to ensure that its policy is systematically and comprehensively implemented. The policy must, therefore, reflect the board’s assessment of information security risks and opportunities. This doesn’t mean the board needs to carry out a detailed risk assessment itself, but it does need to set out a clear, overall approach to risk ...
