ISO 27001 risk management process
Question based on the text of one of the marketing e-mails: "Do you struggle to understand all of the steps required for a successful implementation of the ISO 27001 risk management process?"
Answer:
ISO 27001 is a standard for information security management, and one of its pillars is the definition and performance of a risk management process. That process may or may not be based on ISO 31000:2018.
These articles will provide you with further explanation about these two standards:
- What is ISO 27001 https://advisera.com/27001academy/what-is-iso-27001/
- ISO 31000 and ISO 27001 – How are they related? https://advisera.com/27001academy/blog/2014/03/31/iso-31000-and-iso-27001-how-are-they-related/
These materials will also help you with risk management in ISO 27001:
- Book ISO 27001 Risk Management in Plain English https://advisera.com/books/iso-27001-annex-controls-plain-english/
- The basics of risk assessment and treatment according to ISO 27001 [free webinar on demand] https://advisera.com/27001academy/webinar/basics-risk-assessment-treatment-according-iso-27001-free-webinar-demand/
Oct 20, 2018