ISO 27001 RISK ASSESSMENT AND RISK TREATMENT METHODOLOGY
Define main rules for risk assessment and treatment.
Get it now 
ISO 27001 RISK ASSESSMENT AND RISK TREATMENT METHODOLOGY
Define main rules for risk assessment and treatment.
Get it now
ISO 27001 RISK ASSESSMENT AND RISK TREATMENT METHODOLOGY
Define main rules for risk assessment and treatment.
Get it now
Risk assessment requires a lot of analysis and evaluation work to be done, and today most of these activities cannot be simply automated, because some decisions require a human feeling and perception of the business environment that a machine cannot properly evaluate. However, some activities you can make use of automated tools are:
- collect data from existing databases (e.g. to help identity assets if an asset-threat-vulnerability risk assessment approach is used)
- compare data gathered with risk level limits to warn about risks that require further analysis
- organize and present data for decision making.
This article will provide you a further explanation about the use of tools:
- When to use tools for ISO 27001/ISO 22301 and when to avoid them https://advisera.com/conformio/blog/2021/06/24/toolkit-vs-conformio-which-is-more-applicable-for-my-company/
Comment as guest or Sign in
Jun 16, 2020