
Nine Steps to Success: An ISO 27001 Implementation Overview by Alan Calder


Chapter 6. Risk Assessment

Risk assessment is at the heart of the ISMS. Understanding its significance to the overall process is critical, and is one of the keys to project success. The board adopts an information security policy because there are a number of significant risks to the availability, confidentiality and integrity of the organization’s information. The board mandates the design and deployment of an ISMS in order to ensure that its policy is systematically and comprehensively implemented. The policy must, therefore, reflect the board’s assessment of information security risks. This doesn’t mean the board needs to carry out a detailed risk assessment itself, but it does need to set out a clear, overall approach to risk that can be used ...
