Tag: "Product: ISO 27001/Risk Treatment Plan" - Expert Advice Community



Create New Topic As guest or Sign in

HTML tags are not allowed

Assign topic to the user

  • List of referenced risks and numbers

    )n the example of the Risk Treatment Plan used in the ISO 27001 online training, there was mention of reference to risks like:-
    Risk no 16. Unavailability of electronic records due to accidental loss.
    Risk no 32. Laptops could be stolen by external persons.
    How do I get a list of this referenced risks and numbers?

  • 6.1.3 (f) and acceptance by top management

    Quick question: 6.1.3 (f) requires Risk owner to accept the risk treatment plan and residual risks. In your templates (risk treatment plan, Method for risk evaluation and treatment), the risk can be accepted by TOP management. Is this still conform with 6.1.3 (f) or do we have to get approval from all risk owners?