ISO Updates Information Security Standard

The standard provides organizations with guidance on navigating information security risks.

The ISO/IEC 27005:2018 standard, Information technology – Security techniques – Information security risk management, has been revised recently, according to the International Organization for Standardization. The standard provides organizations with guidance on navigating information security risks.

ISO/IEC works complementary to ISO/IEC 27001:2013 to provide the requirements for an information security management system. The updated standard provides guidance for risk management to help meet requirements set out in ISO/IEC 27001.

“ISO/IEC 27005 provides the ‘why, what and how’ for organizations to be able to manage their information security risks effectively in compliance with ISO/IEC 27001,” said Edward Humphreys, Convener of the ISO/IEC working group that developed both ISO/IEC 27001 and ISO/IEC 27005. “It also helps to demonstrate to an organization’s customers or stakeholders that robust risk processes are in place, giving them confidence that they are good to do business with.”

The standard is a key tool in the ISO/IEC 27000 toolkit, according to Humphreys. ISO/IEC 27005 is one of more than a dozen standards in the cyber-risk standard series, including standards for protecting information in the Cloud, cybersecurity, and more.

Download Center

HTML - No Current Item Deck
  • Free Safety Management Software Demo

    IndustrySafe Safety Management Software helps organizations to improve safety by providing a comprehensive toolset of software modules to help businesses identify trouble spots; reduce claims, lost days, OSHA fines; and more.

  • Track Key Safety Performance Indicators

    IndustrySafe’s Dashboard Module allows organizations to easily track safety KPIs and metrics. Gain increased visibility into your business’ operations and safety data.

  • Analyze Incident Data

    Collect relevant incident data, analyze trends, and generate accurate regulatory reports, including OSHA 300, 300A, and 301 logs, through IndustrySafe’s extensive incident reporting and investigation module.

  • Safety Training 101

    When it comes to safety training, no matter the industry, there are always questions regarding requirements and certifications. We’ve put together a guide on key safety training topics, requirements for certifications, and answers to common training questions.

  • Conduct EHS Inspections and Audits

    Record and manage your organization’s inspection data with IndustrySafe’s Inspections module. IndustrySafe’s pre-built forms and checklists may be used as is, or can be customized to better suit the needs of your organization.

  • Industry Safe
comments powered by Disqus

OH&S Digital Edition

  • OHS Magazine Digital Edition - April 2019

    April 2019

    Featuring:

    • ELECTRICAL SAFETY
      Taking the Guesswork Out of De-Energizing Industrial Equipment 
    • VISION PROTECTION
      Four Simple and Effective Ways to Avoid Digital Eye Strain
    • FOOT PROTECTION
      PPE the Automotive Industry Needs to Invest In
    • FIRE SAFETY
      Eliminate 10 Fire Hazards That May Be in Plain Sight
    View This Issue