Zurich, 20. December 2009. MinimaRisk research division watches the overall increase of interest of the new IT Risk Management spinoff standard of ISO 27001, that is ISO 27005 Risk Management.

ISO 27005 IT Risk Management provides guidelines for information security risk management. It supports the general concepts specified in ISO/IEC 27001 and it is designed to assist the satisfactory implementation of information security based on a risk management approach.

There is indeed an overall increase in interest over time, as illustrated by this graph illustrating the number of searches that Google Insights has registered since 2004 on “ISO 27005 Risk Management”:

ISO 27005 success is hence tightly correlated with in relationship with ISO 27001 (formerly BS 17799). Today IT departments are confronted in a need to regulate their activities, specifically to align the service according Governance, Risk Management and Compliance (GCR) requirements. By doing so, the importance of ISO 27005 Risk Management will continue to growth well into 2010.