Summary
The overview (see link under web resources) covers Risk Management / Risk Assessment (RM / RA) standards.
Direct Relevance:
- ISO/IEC Standard 13335 - Information technology -- Security techniques -- Management of information and communications technology security
- BS 25999 – Business continuity management
- ISO/IEC Standard 15443 - Information technology -- Security techniques -- A framework for IT security assurance
- ISO/IEC Standard 17799 - Information technology -- Security techniques -- Code of practice for information security management
- ISO/IEC Standard 18028 - Information technology -- Security techniques -- IT network security
- ISO/IEC Standard 27001 - Information technology -- Security techniques -- Information security management systems
- BS 7799-3 – Information security management systems -- Guidelines for information security risk management
- ISO/IEC TR 18044 – Information technology -- Security techniques -- Information security incident management
- Initiatives of the Information Security Forum, including the Standard of Good Practice and their auditing standards
- ISO Standard 13569 - Financial services -- Information security guidelines
Indirect Relevance:
- ISO/IEC Standard 15816 – Information technology -- Security techniques -- Security information objects for access control
- ISO/IEC TR 15947 - Information technology -- Security techniques -- IT intrusion detection framework
- ISO/IEC Standard 15408 - Information technology -- Security techniques -- Evaluation criteria for IT security
- ISO/IEC TR 15446 – Information technology -- Security techniques -- Guide for the production of Protection Profiles and Security Targets
- ISO/IEC 18045 – Information technology -- Security techniques -- Methodology for IT security evaluation
More information & hyperlinks