Expert Advice Community

Guest

Control table and risk assessment and treatment

  Quote
Guest
Guest user Created:   Aug 15, 2017 Last commented:   Aug 15, 2017

Control table and risk assessment and treatment

I just want to know what is the connection between Control Table and RA & RT
0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Aug 15, 2017

Answer: I'm assuming that for control table you are referring to a data structure that directs a program flow according to the values and relations it contains. Considering that, in a risk assessment you should identify risks that could compromise the information in the control table, which could lead the program to flow in an unexpected or unauthorized manner. Examples are unverified changes, malicious codes, etc.

In the risk treatment you should consider options to minimize such risks, like including data input and data output validation, adoption of a formal change process, etc.

This article will provide you further explanation about risk assessment and treatment:
- ISO 27001 risk assessment & treatment – 6 basic steps https://advisera.com/27001academy/knowledgebase/iso-27001-risk-assessment-treatment-6-basic-steps/

These materials will also help you regarding risk assessment and treatment:
- Book ISO 27001 Risk Management in Plain English https://advisera.com /books/iso-27001-risk-management-in-plain-english/
- The basics of risk assessment and treatment according to ISO 27001 [free webinar on demand] https://advisera.com/27001academy/webinar/basics-risk-assessment-treatment-according-iso-27001-free-webinar-demand/

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Aug 15, 2017

Aug 15, 2017

Suggested Topics