Over deze norm
|Commissie||Informatiebeveiliging, Cyber security en Privacy|
This Standard gives guidance to support the requirements given in ISO/IEC 27001:2005 regarding all aspects of an ISMS risk management cycle. This cycle includes assessing and evaluating the risks, implementing controls to treat the risks, monitoring and reviewing the risks, and maintaining and improving the system of risk controls. The focus of this standard is effective information security through an ongoing programme of risk management activities. This focus is targeted at information security in the context of an organization's business risks. The guidance set out in the British Standard is intended to be applicable to all organizations, regardless of their type, size and nature of business. It is intended for those business managers and their staff involved in ISMS (Information Security Management System) risk management activities.
|Nederlandse titel||Managementsystemen voor informatiebeveiliging (ISMS) - Deel 3: Richtlijnen voor informatiebeveiligingsrisicobeheer (BS 7799-3:2006)|
|Engelse titel||Information security manmagement systems - Part 3: Guidelines for information security risk management (BS 7799-3:2006)|