Assessing risks
Information security, cybersecurity, and protection of privacy data - ISO/IEC 27001 : 2022

Add to my library

H5070 V3 Article

Assessing risks


Information security, cybersecurity, and protection of privacy data - ISO/IEC 27001 : 2022

Author : Claude PINET

Publication date: July 10, 2024 | Lire en français

Add to my library Add to my library

Logo Techniques de l'Ingenieur You do not have access to this resource.
Request your free trial access! Free trial

Already subscribed?

9. Assessing risks

Risk assessment is the third step in risk evaluation.

Risk assessment: the process of comparing the results of risk analysis with risk criteria to determine whether the risk and/or its significance are acceptable or tolerable (ISO/IEC 27000, § 3.67).

9.1 Risk importance criteria

Criticality: level of importance of a risk. It is the result of combining the quantified characteristics of the risk, i.e. its severity, probability of occurrence and/or probability of detection (FD X 50-117).

The analysis of the importance of a risk therefore consists of :

  • assess its impact or severity...

You do not have access to this resource.
Logo Techniques de l'Ingenieur

Exclusive to subscribers. 97% yet to be discovered!

You do not have access to this resource. Click here to request your free trial access!

Already subscribed?


Article included in this offer

"Software technologies and System architectures"

( 230 articles )

Complete knowledge base

Updated and enriched with articles validated by our scientific committees

Services

A set of exclusive tools to complement the resources

View offer details

Dans les ressources documentaires

Cloud Computing - Informatique en nuage

Le Cloud Computing est une révolution dans la manière d’organiser, de gérer et de distribuer des ressourc...

Référentiels normatifs - Gestion du cycle de vie du logiciel

Le logiciel, objet immatériel, existe après avoir été conçu, fabriqué et testé avant d’être utilisab...

Protocoles SSL/TLS

Cet article a pour objet la sécurisation des applications de type client-serveur sur Internet. La démarch...

NIS2 et ISO/IEC 27001 – Vers une cyberrésilience de l’Union européenne

L'objet de cet article est d’apporter des précisions sur la directive NIS2, les différences avec la norme...

Tous les livres blancs
Toutes les actualités
Contact us