BS ISO/IEC 27005:2011 Information technology. Security techniques. Information security risk management

What is BS ISO/IEC 27005 (also known as ISO/IEC 27005)?

ISO/IEC 27005 is the international standard which provides you with the guidelines for information security risk management.

By following this standard you can put effective information security measures in place, as specified in ISO/IEC 27001, based on a risk management approach.

Based on the consensus of the international team of information security experts, ISO/IEC 27005, an essential part of the ISO/IEC 27000 series, encourages you to go through the proven steps to make sure your information security management system reflects and manages the risks to your organization’s information.

How does ISO/IEC 27005 help me to implement ISO/IEC 27001 based on a risk management approach?

1) It describes the information security risk management process and associated actions

2) It covers the concepts, models, processes and terminologies described in ISO/IEC 27001 and ISO/IEC 27002, helping you to apply and integrate ISO/IEC 27005:2008 more quickly and easily

3) It takes you through each step, making sure you don’t miss out any vital steps.

Why has BS ISO/IEC 27005 been revised?

BS ISO/IEC 27005 has now been revised so it is easier to use with the international standard for risk management, ISO 31000.
