Posts Tagged ‘ISO/IEC 27005:2008’

A New Risk Management Standard Worth Looking At

Saturday, November 29th, 2008

The bulk of data protection laws and regulations require that security and privacy controls be established based upon the organization’s existing and unique risks. Many organizations struggle to find a way to effectivevly determine the risks that exist for their businesses. Often what results is similar to taking a shot in the dark to determine risks.