ISO 27001 is the international standard that specifies the requirements for an ISMS (information security management system), a best-practice approach to addressing information security that encompasses people, processes, and technology.
The assessment and management of risks is at the core of ISO 27001, which ensures that the ISMS continually adapts to changes in the organisation and the environment in which it operates.
This webinar will unpack the components of an effective risk management approach, and impart valuable lessons learnt so that attendees can apply it in their organisation at little or no cost. It will cover:
- Establishing a risk management framework;
- Identifying risks to the ISMS;
- Conducting an information security risk assessment;
- Taking risk decisions and choosing risk treatment options; and
- Reporting and following up.