The International Organization for Standardization (ISO) has released a new version of its information security standard designed to help organizations better manage information security risks. The new standard offers IT managers and staff a framework for executing a risk management (RM) approach to information security. According to the new standard, the information security RM process comprises context establishment, risk assessment, risk treatment, risk acceptance, risk communication, and risk monitoring and review. The new standard comprises a number of previously issued RM documents.