BS7799-3 (BS 7799-3) Risk Management Guidelines

UK's best practice for managing information security risk.

This excellent standard works with ISO 27001 and ISO 27002 and provides guidance on identifying, evaluating, treating and managing information security risks.


BS 7799-3 Risk Management Guidelines: British Risk Management Standard – BS7799-3:2006

Risk assessment is fundamental to developing an ISMS that meets the requirements of ISO27001:2005 (BS7799-2).

Identifying, evaluating, treating and managing information security risks are key processes if businesses want to keep their information safe and secure. Whilst these processes are specified in the new information security standard BS ISO/IEC 27001:2005, further guidance is required on how to manage these risks, as well as how to put them in context with other business risks.

There are two sources for this guidance. ISO/IEC 27005 is one; British Standard BS7799-3:2006 is the other. It covers:

  • Risk assessment
  • Risk treatment
  • Management decision making
  • Risk re-assessment
  • Monitoring and reviewing of risk profile
  • Information security risk in the context of corporate governance
  • Compliance with other risk based standards and regulations.

BS7799-3:2006 gives guidance to support the requirements given in BS ISO/IEC 27001:2005 regarding all aspects of an information security management system (ISMS) risk management cycle. This includes assessing and evaluating the risks, implementing controls to treat the risks, monitoring and reviewing the risks, and maintaining and improving the system of risk controls.

The focus of this standard is effective information security through an ongoing programme of risk management activities. This focus is targeted at information security in the context of an organisation's business risks.

The guidance set out in this British Standard is intended to be applicable to all organisations, regardless of their type, size and nature of business. It is intended for those business managers and their staff involved in ISMS risk management activities.

BS 7799-3:2006 was published on 16 March 2006 and is available.

ISBN 10: 0580472477
ISBN 13: 9780580472473
Format: Hardcopy
Other formats: Download
