Risk Assessment for Asset Owners by Steve Watkins, Alan Calder

CHAPTER 12: REVIEWING THE RISK ASSESSMENT

ISO27001 sets out the requirement: ‘review risk assessments at planned intervals and review the residual risks and the identified acceptable levels of risks’ taking into account changes in the business environment, to the organization, to the risks it faces, to the incidents it experiences, to regulatory changes and in light of the effectiveness of the controls.15

Given the rate of development of new threats, the discovery of new vulnerabilities and the development of new technology (with its own inherent vulnerabilities), the information security management system needs to be continually reviewed to ensure it remains fit for purpose and that it meets the requirements of the information security policy. ...
