ISO/IEC 27001 provides requirements for organizations seeking to establish, implement, maintain and continually improve an information security management system. This framework serves as a guideline…
When deciding on a risk assessment methodology, one question that usually pops up is: quantitative vs qualitative risk assessments – what is the difference between…
Risk assessment is without a doubt the most fundamental, and sometimes complicated, stage of ISO 27001. Getting the risk assessment right will enable correct identification…