CSA ISO/IEC 27005:24

Information security, cybersecurity and privacy protection — Guidance on managing information security risks

1 Scope This document provides guidance to assist organizations to: — fulfil the requirements of ISO/IEC 27001 concerning actions to address information security risks; — perform information security risk management activities, specifically information security risk assessment and treatment. This document is applicable to all organizations, regardless of type, size or sector.

SDO:

CSA

Language:

English

ICS Codes:

35.030

Status:

Standard

Publish date:

2024-02-29

Standard Number:

CSA ISO/IEC 27005:24