

BS 7799‑3:2017

Information security management systems - Part 3: Guidelines for information security risk management (revision of BS ISO/IEC 27005:2011)


weakness that can be exploited to cause harm [cited from ISO 19650-5:2020(en), 3.15]


state of relative freedom from threat (3.13) or harm caused by deliberate, unwanted, hostile or malicious acts [cited from ISO 19650-5:2020(en), 3.7]

risk appetite

amount and type of risk that an organization is willing to pursue or retain [cited from ISO 19650-5:2020(en), 3.5]