Category Archive for: ‘ISO27005’

Types of Information Security Risks

Over the past few years, the importance to corporate governance of effectively managing risk has become widely accepted. The information security program is a critical component of every organisation’s risk management effort and provides the means for protecting the organization’s digital information and other critical information assets. Information security management means “keeping the business risks associated with information systems under …

Read More
ISO 27005 Risk Management

What is Risk Management?

Risk Management is the process of identifying, analysing and reducing risks. To understand risk management we first have to understand risks. Risk is the possibility of unwanted events happening which could affect the system in a negative or positive way. Examples of unwanted effects could be the degradation of performance of the system, destruction of any of the key component …

Read More

What is Risk Assessment?

Risk assessment is the process of identification of risks followed by the analysis and evaluation. In an ISO 27005 perspective risk is computed by identifying, analysing and evaluating the extent that a particular entity could be affected by some situation or incident adversely. Factors like likelihood and impact determine the risk potential. Instead of one time activity, risk assessment is …

Read More

Risk Assessment Report

Risk is a combination of the consequences that would follow from the occurrence of an unwanted event and the likelihood of the occurrence of the event. There is no enterprise that operates without risk. It is an integral part of the business landscape. Not every risk is inevitable, however. When analyzed carefully, some risk is found to be the result …

Read More
    Twitter not configured.