Information security risk management

Document Information

GSC Classification OFFICIAL
Access Policy Open
Reference bps27136-0000-00
Alt. Reference
Digital Intelligence and Investigation DII S&R 030
International Standards Organisation 27005
Document Status Current
Primary Classification
Author Organisation International Standards Organisation
Sponsor OrganisationNot Known
Trustee NPTC Standards Working Group, trustee@standards.police.uk

Copyright Notice Copyright (c) 2016 National Police Technology Council (NPTC) group and the persons identified as the document authors. All rights reserved.

Abstract

ISO/IEC 27005 provides guidelines for information security risk management. It is a very good supplement to ISO 27001 because it gives details on how to perform risk assessment and risk treatment, probably the most difficult stage in the implementation. ISO 27005 emerged from the British standard BS 7799-3.

Usage

This supplements ISO 27001 by giving details on how to perform risk assessment and treatment in relation to information security management

Changelog

, ,

, ,

Approvals

DateApproverOrganisationEmailComments
2018-10-22Digital Intelligence and InvestigationInternal assurance through the DPP programme.

Obsoleted By

Obsoletes

Projects

NameStatus
Standards | DII Programme IntegrationActive

Discussions

We’d love you to discuss this item but please be aware that these discussions are publicly accessible.