Comprehensive and Detailed Explanation (250–350 words)
===========
ISO/IEC 27005 is explicitly identified in EC-Council CCISO documentation as the standard providing a formal framework for information security risk management.
ISO 27005 supports ISO 27001 by defining risk identification, analysis, evaluation, treatment, and monitoring. COBIT focuses on IT governance, ISO 27003 on ISMS implementation, and ITIL on service management.
Thus, Option A is correct.
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit