The Seven Steps to an ISO 27001 Risk Assessment Process: New Podcast

In this podcast we are releasing an extract from one of our bestselling books, ISO27001/ISO27002:2013 – A Pocket Guide, discussing the seven steps that must be followed when carrying out an ISO 27001 risk assessment.

The risk assessment process determines the controls that need to be deployed in your ISMS (information security management system). It leads to the Statement of Applicability, which identifies the controls that you are deploying to mitigate issues raised during your risk assessment process.

Listen to our podcast to find out how to conduct a risk assessment.

The seven steps to a risk assessment

The steps discussed in our podcast are:

1. Identify risks associated with the loss of confidentiality, integrity and availability of information within the scope of the ISMS;
2. Identify the risk owners;
3. Assess the consequences that may arise if an identified risk materialises;
4. Assess the likelihood of that risk occurring;
5. Determine the levels of risk;
6. Compare the results of the analysis against the risk criteria; and
7. Prioritise the risks for treatment.

Protect your organisation’s information assets using ISO 27001:2013

Information is one of your organisation’s most important resources, so keeping it secure is vital.
This handy pocket guide contains an essential overview of two key information security standards that cover the formal requirements (ISO 27001:2013) for creating an ISMS, and the best-practice recommendations (ISO 27002:2013) for those responsible for initiating, implementing or maintaining it.

Completely up to date with the 2013 release of ISO 27001, ISO27001/ISO27002:2013 – A Pocket Guide covers:

• The ISO/IEC 27000 family of information security standards;
• Background to the Standard’s certification process;
• The ISMS and ISO 27001:2013;
• Specification versus code of practice;
• Documentation and records;
• Management responsibility;
• Policy and scope;
• Risk assessment;
• Implementation; and
• Continual improvement.

Receive a 15% discount on this book

Purchase this book or any other Alan Calder product in October to get a 15% discount when you use code Calder15 at the checkout.

ISO27001/ISO27002:2013 – A Pocket Guide

Alan Calder products