ISO/IEC 27005 is a member of the ISO 27000 family and focuses on information security risk management. Suppose you’re already familiar with ISO 27001, which outlines the general framework of an Information Security Management System (ISMS). In that case, ISO 27005 will help you focus on risk, how to detect, analyse, and manage it. https://akitra.com/a-short-guide-to-the-iso-27005-compliance/