Question 18
Main Page
You’re evaluating ISO 27005 as a risk framework. What is its most distinctive feature?
A. It’s designed only for manufacturing organizations
B. It includes control catalogs
C. It provides continual, cyclical risk management guidance
D. It replaces ISO 27001 certification
Answer: C. It provides continual, cyclical risk management guidance
ISO 27005 supports ongoing risk identification, analysis, treatment, and monitoring, forming a closed-loop cycle.