ISO/IEC 27005 can be really helpful for organizations that seek to meet the requirements of ISO/IEC 27001 regarding risk management. By establishing a risk management process based on ISO/IEC 27005, organizations increase the effectiveness of their ISMS, address information security risks, and establish appropriate information security risk management practices.
ISO/IEC 27005 Foundation
ISO/IEC 27005 Risk Manager
ISO/IEC 27005 Lead Risk Manager