Risk assessment expert witnesses may provide reports regarding value at risk, risk management plans, and the risk management process. In Newly released ISO/IEC 27005:2011 helps improve risk management, DISC InfoSec blog writes:
Newly released ISO/IEC 27005:2011 helps improve risk management ISO 27005:2011, the newly released international information security risk management standard, is now available to the international community of business continuity and information security practitioners.
Information security risk management is one of the core competencies of information security. This Standard is an essential companion to ISO/IEC 27001 and ISO/IEC 27002 and replaces ISO/IEC 27005:2008.
Read more: DISC InfoSec blog.