
An approach to the improvement method of risk assessment according to ISO 27001

As we have discussed, I would like to direct my research dissertation toward developing an improved method of risk assessment according to ISO 27001.

The steps that I would like to follow are as follows:

· Step 1: The idea is to analyze the current risk assessment methods through a literature review with an academic and scientific orientation.

· Step 2: To see the risk assessment methods as they are developed by ISO, NIST and SOX, which are more industry/technically oriented.

· Step 3: According to the findings from Step 1 and Step 2, I will create a combined method of risk assessment, but with an orientation to ISO 27001.

This method will be based on all the good points which are mentioned by experts in papers, and will include those from all the standards such as ISO, NIST, SOX etc.

Besides this, I will also conduct research in the field with companies in the ICT, insurance and banking sectors.

From the answers and information that I will receive from the experts, IT departments, CIOs, CISOs etc., I will try to identify the following:

· Gaps that they face during the risk assessment process

· Security issues which they are not able to identify through their risk assessment process (which their risk assessment method does not cover)

· The method/way in which they implement the risk assessment techniques

· How do they create a report of findings?

· How do they make a list of recommendations from their findings?

· Which are the next steps that they take to treat the findings?

· Do they treat the findings according to ISO 27001 risk assessment, NIST or any other hybrid method (combined method)?

· Do they use any software tool for recommendations, or only paperwork?


Post Author: admin
