ISO 27001-2013-Clauses v3.0 - Module 04 -Clause 6

This Slideshare presentation is a partial preview of the full business document. To view and download the full document, please go here:
http://flevy.com/browse/business-document/iso-27001-2013-clauses-v3-0-module-04clause-6-2572

BENEFITS OF DOCUMENT
1. Learn about ISO 27001 2013 practices.

DOCUMENT DESCRIPTION

This module deals with the Clauses to ISO 27001 2013 programs.


  1. Elearning on ISO 27001:2013 Clauses
  2. 6.1 Actions to address risks and opportunities
     6.1.1 General
     When planning for the ISMS, the organization shall consider the issues referred to in 4.1 and the requirements referred to in 4.2.
     This document is a partial preview. Full document download can be found on Flevy: http://flevy.com/browse/document/iso-27001-2013-clauses-v3-0-module-04clause-6-2572
  3. 6.1.2 Information security risk assessment
     The organization shall define and apply an infosec risk assessment process that:
     a) establishes and maintains information security risk criteria that include:
        1. the risk acceptance criteria and
        2. criteria for performing information security risk assessments
     b) ensures that repeated information security risk assessments produce consistent, valid and comparable results
  4. 6.1.2 Information security risk assessment
     e. evaluates the information security risks:
        1. compare the results of risk analysis with the risk criteria established in 6.1.2 a)
        2. prioritize the analyzed risks for risk treatment
     • Mandatory documented information: Infosec risk assessment process
  5. 6.1.3 Information security risk treatment. Contd.
     Note 2: Control objectives are implicitly included in the controls chosen. Control objectives and controls listed in Annex A are not exhaustive and additional control objectives and controls may be needed.
  6. 6.1.3 Information security risk treatment. Contd.
     Mandatory documented information: infosec risk treatment process
     Note: The infosec risk assessment and treatment process in ISO 27001 aligns with the principles and generic guidelines provided in ISO 31000.
  7. Any Questions? Thank You
