Information Security Risk Management for ISO27001/ISO27002
Alan Calder
Drawing on international best practice, including ISO/IEC 27005, NIST SP800-30 and BS7799-3, the book explains in practical detail how to carry out an information security risk assessment.