ISO Updates Information Security Standard

The standard provides organizations with guidance on navigating information security risks.

The ISO/IEC 27005:2018 standard, Information technology – Security techniques – Information security risk management, has been revised recently, according to the International Organization for Standardization. The standard provides organizations with guidance on navigating information security risks.

ISO/IEC 27005 complements ISO/IEC 27001:2013, which provides the requirements for an information security management system. The updated standard provides guidance for risk management to help meet requirements set out in ISO/IEC 27001.

“ISO/IEC 27005 provides the ‘why, what and how’ for organizations to be able to manage their information security risks effectively in compliance with ISO/IEC 27001,” said Edward Humphreys, Convener of the ISO/IEC working group that developed both ISO/IEC 27001 and ISO/IEC 27005. “It also helps to demonstrate to an organization’s customers or stakeholders that robust risk processes are in place, giving them confidence that they are good to do business with.”

The standard is a key tool in the ISO/IEC 27000 toolkit, according to Humphreys. ISO/IEC 27005 is one of more than a dozen standards in the cyber-risk standard series, including standards for protecting information in the cloud, cybersecurity, and more.
