This book provides information security and risk management teams with detailed, practical guidance on how to develop and implement a risk assessment in line with the requirements of ISO27001. Drawing on international best practice including ISO/IEC 27005 and BS7799-3, the book explains in detail how to do an information security risk assessment.