Organizations around the globe that follow or certify to ISO standards are already well-equipped to evaluate and mitigate risks within their organizations. But how can security professionals go about identifying those risks? And how can organizations and professionals in charge of asset protection and liabilities across an enterprise ensure success when implementing risk-based ISO standards?
“ESRM, along with ISO standards, are not finite, end goals for an organization. Rather they are both about continual improvement, which is perhaps why they complement one another so well.”