One of the governing elements in ISO 27001 is the requirement that information security be based on the actual risks to which the organisation is exposed. As a whole, this activity is known as risk management.
This document describes the method that Neupart recommends organisations to use in risk management. The method has been based on the standard for Risk Management: ISO 27005.
Download the guide to