Rothstein Associates Inc. Business Survival ™ Weblog

• Rothstein.com
• Home
• About
• Contact
• Resources
• Services
• Sitemap

• Popular Categories
• Vital Records
• Testing
• Templates
• survey
• Standards
• Special Offers
• Service Level Agreements (SLAs)
• Root Cause Analysis
• Risk Management
• products

• Profile

  • Register
  • Log in
  • Entries RSS
  • [Un]Subscribe to Posts
• Global Disaster Alert

  • Green alert for tropical cyclone ALETTA-12. Population affected by Category 1 (120 km/h) wind speeds or higher is 0. with wind speeds Tropical Storm (maximum wind speed of 74 km/h) of hurricane strength or stronger.
  • Green earthquake alert (magnitude 6M and depth 154km) in Papua New Guinea 16/05/2012 00:59 UTC, 150000 people within 100km.
  • Green flood alert in Tanzania
  • Green flood alert in Georgia
  • Green flood alert in Afghanistan
  • Orange flood alert in China
  • Green flood alert in Kenya
  • Green earthquake alert (magnitude 6.2M and depth 98.3km) in Chile 14/05/2012 10:00 UTC, 530000 people within 100km.
• Business Survival ™ News

  • 5 Steps for Creating Cost-Optimized Disaster Recovery Plans - Channel Partners
  • County Emergency Management Holds Tabletop Exercise - Atlantic Highlands Herald
  • With the release of ISO 22301, businesses are urged to implement a business ... - MarketWatch (press release)
  • Disaster Recovery Gets a Boost From Cloud Computing - Baseline
  • How to start a business continuity program - CSO
  • Disaster recovery is a success just waiting to happen - CSO
  • Boston MedFlight Works With Broadleaf on Application Uptime, Recoverability ... - MarketWatch (press release)
  • WFT Cloud Announces Cloud-based Disaster Recovery Solution for SAP Landscapes - San Francisco Chronicle (press release)
  • Dublin disaster recovery firm Network Recovery acquires Barlan - Siliconrepublic.com
  • How Windows Server 2012 Improves Active Directory Disaster Recovery - Windows IT Pro

• Business Continuity/Disaster Recovery Bookstore Bestsellers

  Business Continuity and Risk Management
  The First Ever College Textbook on Business Continuity and Risk Management — also a great reference source and self-study guide for business continuity practitioners and novices! More...

  Principles and Practice of Business Continuity
  This new book explores the subject of Business Continuity Management: from basic principles to best practices. More...

  Disaster Recovery Testing
  Untested contingency / recovery plans are of little value. Testing is far more than finding holes in the plan: it confirms the underlying assumptions are workable; it can also be a valuable training tool. More...

  Manufacturing, Distribution Business Continuity
  A new Business Continuity template specifically designed for manufacturing or distribution businesses with 1,150+ pages on CD-ROM. More...

  Facility Emergency Management DVD-based training
  Facility Emergency Management is a brand new DVD-based Training Program PLUS a resource CD-ROM intended to help small and medium size organizations create facility action plans and institute emergency procedures in order to protect workers, customers, visitors and the nearby community from the effects of an incident, whether it begins inside or outside the facility. More...

  Emergency Management Exercises: From Response to Recovery Special
  Exercises are a mainstay in the field of emergency management and business continuity planning. Although many companies conduct exercises, and the organizers may be emergency response subject matter experts, they do not excel in the discipline of designing and conducting the actual exercise – which means they simply don’t get the best results out of their effort. More...
• Archives

  • May 2012 (7)
  • April 2012 (18)
  • March 2012 (27)
  • February 2012 (19)
  • January 2012 (22)
  • December 2011 (22)
  • November 2011 (9)
  • October 2011 (24)
  • September 2011 (22)
  • August 2011 (7)
  • July 2011 (12)
  • June 2011 (9)
  • May 2011 (9)
  • April 2011 (1)
  • March 2011 (17)
  • February 2011 (10)
  • January 2011 (23)
  • December 2010 (10)
  • November 2010 (22)
  • October 2010 (17)
  • September 2010 (31)
  • August 2010 (22)
  • July 2010 (32)
  • June 2010 (41)
  • May 2010 (31)
  • April 2010 (21)
  • March 2010 (42)
  • February 2010 (47)
  • January 2010 (41)
  • December 2009 (48)
  • November 2009 (27)
  • October 2009 (17)
  • September 2009 (37)
  • August 2009 (48)
  • July 2009 (32)
  • June 2009 (39)
  • May 2009 (38)
  • April 2009 (47)
  • March 2009 (51)
  • February 2009 (43)
  • January 2009 (61)
  • December 2008 (36)
  • November 2008 (38)
  • October 2008 (39)
  • September 2008 (27)
  • August 2008 (44)
  • July 2008 (13)
  • June 2008 (6)
  • October 200 (1)
• Affiliates

  • Contingency Planning and Management
  • Continuity Central
  • Disaster Recovery Journal
  • Disaster-Resource.com
  • Kevin's SpyBusters Security Scrapbook
  • Peter H. Gregory
  • Rothstein Catalog on Disaster Recovery
  • Rothstein Catalog on Service Level Books
  • ZDNet Asia: BCP Confidential By Nathaniel Forbes
• Tags

  bci BCM BIA book BS25999 budget Business Continuity Business Continuity Institute Business Continuity Management Business continuity standards business impact assessment cloud computing conference crisis communication crisis management cybersecurity data center data center disaster recovery DHS disaster preparedness Disaster Recovery disaster recovery testing education emergency management emergency preparedness Emergency Response Events exercise FEMA homeland security I.T. DIsaster Recovery information security InfoSecurity international Risk Management scenarios security small business SME Standards survey test Testing Training video

Applying the ISO 27005 risk management standard

• Leave a Comment
• No Comments
• Main Article

Written by Phil on February 24, 2010 in InfoSecurity, Risk Management, Standards.

ISO 27005, issued in 2008, filled a noticeable gap in the ISO 27000 series of standards. The standard is officially titled ISO/IEC 27005.2008, “Information technology — Security techniques — Information security risk management.”

It took the International Organization for Standardization three years to document the standards for the risk management methodology. Now, just as ISO 27005 is gaining traction, the same organization has issued a new standard, ISO 31000.2009, “Risk management — Principles and guidelines.” As a result, some bewilderment has been re-introduced to an already confusing topic.

See Applying the ISO 27005 risk management standard by Steven J. Ross for SearchCompliance.com.

=============================================

The relationship between Business Continuity and Risk Management are addressed in the book A Risk Management Approach to Business Continuity: Aligning Business Continuity with Corporate Governance, by David Kaye and Julia Graham.

Be Sociable, Share!

• 

• Tweet

Tags: Information security risk management, ISO 27005, risk management standard

Contact Us | The Rothstein Catalog on Disaster Recovery | The Rothstein Catalog on Service Level Books Original Feature Articles | Disaster Recovery Forum | Today's Industry News | Links to Industry Web Sites Management Consulting Services | Business Survival ™ Newsletter Business Survival ™ Weblog (New!) ‘Keep Me Posted’ | Privacy Policy | Site Map | RSS Feed

Created by PDQ Web and sweetened with a modified version of Nick Berlette's Chocolate Theme.