IT-säkerhet

This document provides guidance to assist organizations to: —   fulfil the requirements of ISO/IEC 27001 concerning actions to address information security risks; —   perform information security risk management activities, specifically information security risk assessment and treatment. This document is applicable to all organizations, regardless of type, size or sector.