Which standard prescribes a risk assessment to identify whether each control is required to
decrease risks and if so, to which extent it should be applied?
A.
ISO 27001
B.
ISO 27002
C.
ISO 17799
D.
HIPPA
E.
ISO 9000
Explanation:
Which standard prescribes a risk assessment to identify whether each control is required to
decrease risks and if so, to which extent it should be applied?
Which standard prescribes a risk assessment to identify whether each control is required to
decrease risks and if so, to which extent it should be applied?
A.
ISO 27001
B.
ISO 27002
C.
ISO 17799
D.
HIPPA
E.
ISO 9000
Explanation:
http://advisera.com/27001academy/knowledgebase/iso-27001-risk-assessment-treatment-6-basic-steps/
https://www.sans.org/reading-room/whitepapers/basics/measuring-effectiveness-information-security-controls-33398