ISO/IEC TR 27016:2014 Preview
Information technology -- Security techniques -- Information security management -- Organizational economics
ISO/IEC TR 27016:2014 provides guidelines on how an organization can make decisions to protect information and understand the economic consequences of these decisions in the context of competing requirements for resources.
ISO/IEC TR 27016:2014 is applicable to all types and sizes of organizations and provides information to enable economic decisions in information security management by top management who have responsibility for information security decisions.
Buy this standard
A standard is reviewed every 5 years