Information Security Risk Management for ISO 27001/ISO 27002

A Practical Guide to Risk, Assessment, and Control Selection Aligned with ISO Standards

Created by IT Governance Publishing, Steve G Watkins, Alan Calder

Explore how to identify, assess, and manage information security risks using ISO 27001 and ISO 27002 standards. Learn to apply practical tools and real-world methods for effective risk control and compliance. Gain the skills to protect information assets and support regulatory accountability.

IT Governance Publishing | Jul 2025 | 181 min

Level: Intermediate
Categories: Cybersecurity, Compliance, Regulatory Standards and Security Frameworks

What You Will Learn

You will work through each stage of the risk management process, from assessment to treatment and review, using practical examples and proven methodologies. Along the way, you will use real-world tools and scenarios to reinforce your understanding and build confidence in applying ISO-aligned risk management practices.

Key Features

  • Break down information security risk management into clear, actionable steps
  • Use both qualitative and quantitative methods to assess and prioritize risks
  • Select and implement effective controls aligned with ISO standards

Target Audience

Designed for IT security professionals, compliance officers, auditors, and project managers who already understand basic information security concepts. If you are responsible for implementing or maintaining ISO 27001 or ISO 27002 standards and want to deepen your risk management skills, you will find practical value here.
