Information Security Risk Management Handbook: Handbook for ISO/IEC 27001

The focus of this book is based around the concept of having an information security management system (ISMS) as a framework for achieving the effective management of information security risks. International standard ISO/IEC 27001 is a world recognized standard for establishing, implementing, monitoring and reviewing, updating and improving an ISMS. ISO/IEC 27005 is an ISMS risk management standard that supports the implementation of ISO/IEC 27001. This book is aimed at those business managers and staff involved in ISMS risk management activities. It is a practical handbook for the use and application of ISO/IEC 27005. It provides guidance and advice to specifically support the implementation of those requirements specified in ISO/IEC 27001:2005 that relate to risk management processes and associated activities.