Conformio - acceptance of residual risk in reports
Assign topic to the user
The residual risk is accepted in the Risk Register module, in the risk treatment step. After the definition of the risk treatment option and selection of applicable controls, the residual risk is automatically calculated and approved by the risk owner.
Additionally, in the Risk Assessment and Treatment Report, the accepted residual risks are listed, and in the Statement of Acceptance of Residual Risks, there is a summary of the accepted residual risks and their respective risk owners. These documents can be found in the Documents module, ISO 27001 folder, Lists Reports Statements, and Plans sub-folder.
Comment as guest or Sign in
Jan 11, 2022