Please select user.
There are no topics yet.
The Conformio risk register defines the following
The mapping path is Asset to Vulnerabilty to Threat
Asset: Employees with specific expertiese ( system admin, security experts )
Vulnerability: Replacement person does not exist or is inadequate
Threat: Earthquake / Fire / Flood / Storm ?
Of the 12 items listed, only 2 seem reasonable - breach of contracts and information disclosure
Seems like this mapping needs some work, or am I misunderstanding something ?
We have Environmental Aspect / Impact register, but how to incorporate the opportunities in the Environmental Aspect Impact Register