I'm doing research into ISO 17799:2005, more specifically its policies related to risk management and its involvement on risk management in the wider IT sector, but I can't find out the answer to:
Was ISO 17799:2005 the first standard to introduce risk management? If not, when and how does this iteration of risk management relate in comparison to the other standards?
The actual ISO document itself: https://www.sans.org/media/score/checklists/ISO-17799-2005.pdf