Expert Advice Community

Home / ISO 27001 & 22301 / Risk assessment

Guest

Risk assessment

ISO 27001 & 22301
  Quote
Guest
Guest user Created:   Oct 01, 2018 Last commented:   Oct 01, 2018

Risk assessment

ISO 27001 & 22301
How/Where I must describe risks on Risk assessment spreadsheet?
0 0

Assign topic to the user

ISO 27001 RISK ASSESSMENT AND TREATMENT REPORT

Document the results of the risk management process.

ISO 27001 RISK ASSESSMENT AND TREATMENT REPORT

Document the results of the risk management process.
Expert
Rhand Leal Oct 01, 2018

Answer:

In the Risk assessment spreadsheet a risk is described in terms of the asset, threat and vulnerability related to it, using the columns A, D and E of the spreadsheet. For example, for the risk "theft of unattended laptop" the description would be:

Column A (asset name): laptop
Column B (threat): thief
Column C (vulnerability): unattended asset

By the way, included in the toolkit you bought, you have access to video tutorials that will help you fill in the risk assessment table.

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Oct 01, 2018

Oct 01, 2018

Suggested Topics
Guest user Created:   Oct 25, 2023 ISO 27001 & 22301
Replies: 1
0 0

Initial Risk Assessment Non-conformity
Guest user Created:   Sep 05, 2023 ISO 27001 & 22301
Replies: 3
0 0

Risk assessment: multiple vulnerabilities for the same threat
Guest user Created:   Aug 29, 2023 ISO 27001 & 22301
Replies: 1
0 0

Controls in the SoA that so not show up in the Risk Assessment