DPS
Drejtoria e Përgjithshme e Standardizimit

The International Organization for Standardization (ISO) has published the ISO/IEC 27005:2022 standard "Information security, cybersecurity and privacy protection – Guidance on information security risk management"

ISO/IEC 27005 is an international standard, which has been adopted at the national level as SSH ISO/IEC 27005:2022. It provides guidance for managing information security risks, supporting the implementation of an Information Security Management System (ISMS). This standard presents a structured model for identifying, assessing and addressing risks in the field of information security and is suitable for implementation in all types of organizations.

At a time when cyber attacks are constantly evolving, effective risk management is essential for protecting assets and ensuring business continuity. The ISO/IEC 27005 standard helps organizations develop the ability to think strategically and effectively in the face of cyber threats that may affect their ISMS. It builds on the ISO/IEC 27001 and ISO 31000 standards, ensuring that cyber attacks can be prevented before they occur.

This standard provides guidance to help organizations meet the requirements of ISO/IEC 27001 regarding actions to manage information security risks, and to conduct risk assessment and treatment activities in a structured manner.

The benefits of implementing this standard for organizations of all types include: