Get FREE 12-month access to the AI-Powered Knowledge Base worth $450
with your ISO 27001 toolkit purchase
Limited-time offer – ends June 27, 2024

Expert Advice Community

Guest

Enterprise risks

  Quote
Guest
Guest user Created:   Jun 09, 2017 Last commented:   Jun 09, 2017

Enterprise risks

1. How do we cover enterprise risks and monitoring mechanism.
0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Jun 09, 2017

Answer: ISO 27001 was designed to cover risks related to information security from operational to enterprise levels, but enterprise risks cover much more than information security, so you should consider to complement it with some other frameworks, like COSO, which provides recommendations for managing enterprise risks, like economical, social, and others.

2. Do we have high level classification of enterprise risk?

Answer: General classification for risks like low, medium and high are used when we talk about enterprise risks, so we can compare risk from different types, like technological, economical, strategic, etc.

These articles will provide you further explanation about enterprise risks and monitoring:
- How to integrate COSO, COBIT, and ISO 27001 frameworks https://advisera.com/27001academy/blog/2016/10/10/how-to-integrate-coso-cobit-and-iso-27001-frameworks/
- Aligning information security with the strategic direction of a company according to ISO 27001 https://adviser a.com/27001academy/blog/2017/02/20/strategic-direction-of-a-company-according-to-iso-27001/
- How to perform monitoring and measurement in ISO 27001 https://advisera.com/27001academy/blog/2015/06/08/how-to-perform-monitoring-and-measurement-in-iso-27001/

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Jun 09, 2017

Jun 09, 2017