Risk Assessment for Asset Owners by Steve Watkins, Alan Calder

CHAPTER 1: INTRODUCTION

All organizations face risks¹ to information and information assets. Many organizations seek to identify and control those risks, usually as part of a structured approach to information security risk management.

ISO/IEC27001:2005 is an international standard specification for an Information Security Management System (or ‘ISMS’). Organizations that develop an ISMS in line² with the specification of ISO27001 can receive external, third-party certification that their ISMS conforms to the standard, and such a certificate can have significant commercial, financial and compliance benefits.

ISO/IEC17799:2005 is the international Code of Practice for information security; it provides detailed guidance to support the specification ...
