|
|
|
ISO/IEC 27005:2011 Information technology – Security techniques – Information security risk management |
|
|
|
|
ISO/IEC 27005:2011 Information technology – Security techniques – Information security risk management |
|
|
ISO/IEC 27005:2011 Information technology – Security techniques – Information security risk management Now, ISO has announced that ISO/IEC 27005:2011 is now available. The standard help organizations that wish to manage their information security risks in a similar way to the way they manage other risks. ISO/IEC 27005:2011 ‘Information technology – Security techniques – Information security risk management’ describes the information security risk management process and associated actions, and supports the general concepts specified in ISO/IEC 27001:2005. Information security risks pose a considerable threat to businesses due to the possibility of financial loss or damage, loss of essential network services, or loss of reputation and customer confidence. Risk management is one of the key elements in preventing online fraud, identity theft, damage to websites, loss of personal data and many other information security incidents. Without a solid risk management framework, organizations expose themselves to many types of cyber threats. |
|
|