ISO/27005: Unterschied zwischen den Versionen
Keine Bearbeitungszusammenfassung |
|||
| Zeile 6: | Zeile 6: | ||
; Prozess-Überblick | ; Prozess-Überblick | ||
[[File:iso27005overview.png|600px]] | [[File:iso27005overview.png|600px]] | ||
{| class="wikitable options" | |||
|- | |||
! Option !! Beschreibung | |||
|- | |||
| Context Establishment || | |||
|- | |||
| Risk Identification || | |||
|- | |||
| Risk Estimation || | |||
|- | |||
| Risk Evaluation || | |||
|- | |||
| Risk Treatment || | |||
|- | |||
| Risk Acceptance || | |||
|- | |||
| Risk Monitoring and Review || | |||
|- | |||
| Risk Communication || | |||
|} | |||
== ISO 27005 - Anhänge == | == ISO 27005 - Anhänge == | ||
Version vom 23. Mai 2024, 18:15 Uhr
ISO/IEC 27005 – Information security risk management
Beschreibung
ISO FCD 27005 ist an den BS 7799-3 angelehnt und behandelt das Thema IS Risikomanagement
- Prozess-Überblick
| Option | Beschreibung |
|---|---|
| Context Establishment | |
| Risk Identification | |
| Risk Estimation | |
| Risk Evaluation | |
| Risk Treatment | |
| Risk Acceptance | |
| Risk Monitoring and Review | |
| Risk Communication |
ISO 27005 - Anhänge
| Anhang | Thema | Beschreibung |
|---|---|---|
| A | Geltungsbereich | Bestimmung
|
| B | Assets |
|
| C | Typische Bedrohungen | |
| D | Typische Schwachstellen | Methoden zur Schwachstellenbewertung |
| E | Bewertung | Informationssicherheitsrisiken |
| F | Einwirkungen für das IT-Risikomanagement |