E-book details

Information Security Risk Management for ISO 27001/ISO 27002. A Practical Guide to Risk, Assessment, and Control Selection Aligned with ISO Standards

IT Governance Publishing, Alan Calder, Steve G Watkins

E-book
This guide navigates through the essential processes of risk management within an ISO 27001/27002 framework. Beginning with foundational principles and methodologies, it systematically details every stage from assessment and analysis to treatment and review. Readers will learn how to apply both qualitative and quantitative techniques to measure impact, likelihood, and risk levels accurately.

The book provides clarity on roles, policies, asset classification, and control selection, reinforced by practical tools like gap analysis and risk assessment software. Real-world scenarios and methodologies are contextualized for effective decision-making aligned with international compliance standards.

By the end, readers will possess a comprehensive understanding of implementing and sustaining a risk management system that meets ISO 27001/27002 requirements, enabling them to better safeguard information assets and demonstrate regulatory accountability.
  • 1. Risk Management
  • 2. Risk Assessment Methodologies
  • 3. Risk Management Objectives
  • 4. Roles and Responsibilities
  • 5. Risk Assessment Software
  • 6. Information Security Policy and Scoping
  • 7. The ISO 27001 Risk Assessment
  • 8. Information Assets
  • 9. Threats and Vulnerabilities
  • 10. Scenario-Based Risk Assessment
  • 11. Impact, Including Asset Valuation
  • 12. Likelihood
  • 13. Risk Level
  • 14. Risk Treatment and the Selection of Controls
  • 15. The Statement of Applicability
  • 16. The Gap Analysis and Risk Treatment Plan
  • 17. Repeating and Reviewing the Risk Assessment
  • Title: Information Security Risk Management for ISO 27001/ISO 27002. A Practical Guide to Risk, Assessment, and Control Selection Aligned with ISO Standards
  • Author: IT Governance Publishing, Alan Calder, Steve G Watkins
  • Original title: Information Security Risk Management for ISO 27001/ISO 27002. A Practical Guide to Risk, Assessment, and Control Selection Aligned with ISO Standards
  • ISBN: 9781806387922
  • Publication date: 2025-07-18
  • Format: E-book
  • Item ID: e_4j0f
  • Publisher: IT Governance Publishing