ISO 27001 & 22301 / Changing risk scale in Conformio
Could you provide more clarification about why a scale from 1-3 was used for the risks instead of 1-5?
Please select user.
ISO 27001 RISK ASSESSMENT AND TREATMENT REPORT
Document the results of the risk management process.
Get it now
ISO 27001 does not prescribe which scale to be adopted, so we adopted a 1-3 scale to make risk assessment simpler and practical (a 1-5 scale will involve more values and alternatives).
These articles will help you:
By the way, the risk assessment process is also explained in this free online training:
HTML tags are not allowed