Information Risk Assessment and Treatment in ISO 27001

In this episode of InfoSec Insider, Jack Woods, Consultant at URM, explores information risk assessment and risk treatment in the context of ISO 27001, the International Standard for Information Security Management Systems (ISMS’).  Jack leverages his extensive experience assisting organisations to implement an ISMS and certify to the Standard to discuss:

• The purpose of a risk assessment
• How risk fits into ISO 27001 and its requirements
• How to conduct an information security risk assessment
• The actions you can take to treat the risks you identify.

Learn more about this topic:  https://www.urmconsulting.com/blog/information-risk-assessment-and-treatment-in-iso-27001

If you enjoyed this episode of InfoSec Insider, you can leave us a rating and review here:  https://ratethispodcast.com/infosecinsider   

You can find more episodes of InfoSec Insider here:   https://urmconsulting.com/podcasts   

Brought to you by URM, the UK’s leading information and cyber security specialists.