Difference between Risk Treatment Plan and Risk Assessment Report
Assign topic to the user
Risk Assessment Report simply reports the results of the risk assessment and risk treatment - therefore, it is reporting something from the past. On the other hand, the Risk Treatment Plan defines who will implement each control, with which resources, what are the deadlines, etc. - therefore, it is planning something for the future.
This article will also help you: ISO 27001 risk assessment & treatment 6 basic steps https://advisera.com/27001academy/knowledgebase/iso-27001-risk-assessment-treatment-6-basic-steps/
Comment as guest or Sign in
Jan 12, 2016