Tag: "risk register" - Expert Advice Community



Create New Topic As guest or Sign in

HTML tags are not allowed

Assign topic to the user

  • Conformio risk register, confused by some of the threat mappings for Human Resources

    The Conformio risk register defines the following
    • Threat is what kind of negative thing can happen to your asset because the vulnerability exists.
    The mapping path is Asset to Vulnerabilty to Threat Asset: Employees with specific expertiese ( system admin, security experts ) Vulnerability: Replacement person does not exist or is inadequate Threat:  Earthquake / Fire / Flood / Storm ? Of the 12 items listed, only 2 seem reasonable - breach of contracts and information disclosure Seems like this mapping needs some work, or am I misunderstanding something ?
  • Opportunities and environmental aspects and impacts

    We have Environmental Aspect / Impact register, but how to incorporate the opportunities in the Environmental Aspect Impact Register