ISO/IEC 27005:2008 provides guidelines for information security risk management. It supports the general concepts specified in ISO/IEC 27001 and is designed to assist the satisfactory implementation of information security based on a risk management approach. Knowledge of the concepts, models, processes and terminologies described in ISO/IEC 27001 and ISO/IEC 27002 is important for a complete understanding of ISO/IEC 27005:2008. ISO/IEC 27005:2008 is applicable to all types of organizations (e.g. commercial enterprises, government agencies, non-profit organizations) which intend to manage risks that could compromise the organization's information security.
NEW! This publication is now available in formats compatible with popular ebook readers. Choose our ebooks package which includes:
- Standard PDF and ePub formats, compatible with most readers,
- ePub format optimized for Apple's iPad and iPhone, which allows full use of the functionalities of these devices,
- Mobipocket format, compatible with Amazon's Kindle.