Search in ISMS Guides


Wednesday, August 8, 2007

Introduction To ISO 27005 (ISO27005)

ISO 27005 will be the name of an emerging standard covering information security risk management. As with some of the other standards in the ISO 27000 series, no firm dates have been established for its release. However, it will define the ISMS risk management process, including identification of assets, threats and vulnerabilities.


It is likely that the ISO27005 standard will be based upon ISO 13335 (MICTS Part 2), which provide guidelines for the management of information and communications technology security. There is also likely to be a relationship with BS7799-3, which was published in March 2006.

More information will be published on this page as it is made available.

From :

No comments: