ISO/IEC 27005:2022, Information security, cybersecurity and privacy protection – Guidance on managing information security risks
ISO/IEC 27005:2022 provides guidelines for information security risk management. Knowledge of the concepts, models, processes and terminologies described in ISO 27001 and ISO 27002 is important for a complete understanding of this standard.
This document supports the main concepts specified in ISO 27001 and is designed to assist with the implementation of information security based on a risk management approach.
This document applies to all types of organisations (e.g. commercial enterprises, government agencies, non-profit organisations) that intend to manage risks that can compromise their information security.
If you are interested in purchasing a multi-user licence for this standard, please get in touch with us to discuss your requirements. You will receive a watermarked PDF which you will be able to store on an internal network, with access restricted to the predefined number of simultaneous users. Purchasing a multiuser licence grants you permission to print copies of the standard, up to the specified number of users.