Abstract

The international standard for information security risk management, ISO/IEC 27005:2011(E), adopts an iterative approach and a risk assessment methodology based on the analysis of information security incident scenarios, applying the 80/20 principle in its calculations, and should therefore be able to save cost and increase effectiveness. On this basis, we propose a rigorous and systematic approach to the implementation issues involved in employing this information security risk assessment standard, and use the chlorine processing system in a water treatment plant as an example to demonstrate the effectiveness of the proposed method. In particular, we discuss the "is" and "ought" sides of ISO/IEC 27005:2011(E), respectively. Moreover, an implementation of information security risk assessment is carried out.
