This document provides guidance to assist organizations to:
— fulfil the requirements of ISO/IEC 27001 concerning actions to address information security risks;
— perform information security risk management activities, specifically information security risk assessment and treatment.
This document is applicable to all organizations, regardless of type, size or sector.
Status: PublishedPublication date: 2022-10
Edition: 4Number of pages: 62
Technical Committee: ISO/IEC JTC 1/SC 27 Information security, cybersecurity and privacy protection
Buy this standard
|std 1 187||PDF + ePub|
|std 2 187||Paper|