An approach to an improved method of risk assessment according to ISO 27001

As we have discussed, I would like to direct my research dissertation towards developing an improved method of risk assessment according to ISO 27001.

The steps that I would like to follow are as follows:

Step 1: Analyze the current risk assessment methods through a literature review with an academic and scientific orientation.

Step 2: Examine the risk assessment methods as they are developed in ISO, NIST and SOX, which are more industry/technically oriented.

Step 3: Based on the findings from Step 1 and Step 2, create a combined method of risk assessment oriented towards ISO 27001.

This method will be based on all the good points mentioned by experts in their papers and will incorporate elements from all the standards, such as ISO, NIST, SOX, etc.

In addition to this, I will also carry out field research with companies in the ICT, insurance and banking sectors.

From the answers and information that I receive from the experts (IT department, CIO, CISO, etc.), I will try to identify the following:

- The problems that they face during the risk assessment process
- Issues which they are not able to identify through their risk assessment process (i.e. which their risk assessment method does not cover)
- The method/way in which they implement the risk assessment techniques
- Do they create a report of findings?
- Do they make a list of recommendations from their findings?
- What are the next steps that they take to treat the findings?
- Do they treat the findings according to ISO 27001 risk assessment, NIST or any other hybrid (combined) method?
- Do they use any software tool for the recommendations, or only paperwork?
