The number of the standard is ISO/IEC 27005:2018,whose name is Information technology — Security techniques — Information security risk management.
Are you looking for this standard? If the answer is YES,then I want to say that you have found the right place. You can download ISO/IEC 27005:2018 for free on www.freestandardsdownload.com.
This document provides guidelines for information security risk management in an organization.However, this document does not provide any specific method for information security risk management.It is up to the organization to define their approach to risk management, depending for example on the scope of an information security management system (ISMS)， context of risk management, orindustry sector. A number of existing methodologies can be used under the framework described in this document to implement the requirements of an ISMS. This document is based on the asset, threat and vulnerability risk identification method that is no longer required by ISO/IEC 27001.
This document does not contain direct guidance on the implementation of the ISMS requirements givenin ISO/IEC 27001.
This document is relevant to managers and staff concerned with information security risk management within an organization and, where appropriate, external parties supporting such activities.
This standard is shared by an Chinese netizen for free. What do you think of this standard?It is helpful to you? Welcome to leave a message below.Thanks.

Share on Facebook

Post on X

Follow us

Save