Howard and Jim chat about ISO 27005 – Managing Information Security Risks in this episode of the ISO Review Podcast.
Items discussed include:
- Plan – Do – Check – Act Approach
- Identify the risk
- Analyze the nature and level of the risk
- Evaluate (low – medium – high) the risk
- Select objectives and controls for the treatment of the risk
- Determine what is an acceptable level of the residual risk
We look forward to having you join us next year for more episodes of the ISO Review Podcast.