Guest
Evaluate the risk owner?
I need a small hint: how do I evaluate the Risk Owner in the Risk Calculation formula? How do I evaluate what the value should be? A small matrix, and think of our values based on business impact?
Antonio Jose Segovia
Feb 19, 2016
Answer:
I am sorry, but I am not sure if I have understood your questions. You do not need to evaluate the risk owner; you simply need to identify the risk owner for each risk. This risk owner can be a person or entity with the accountability and authority to manage a risk. This article can help you to understand who can be a risk owner: “Risk owners vs. Asset owners in ISO 27001:2013”: https://advisera.com/27001academy/knowledgebase/risk-owners-vs-asset-owners-in-iso-270012013/
By the way, the risk owner can also participate in the evaluation of risks, but others can also participate. And the formula for the calculation of the risk depends on the methodology of the risk management, but an example can be: Risk = Consequences + Likelihood. For more information about this, this free webinar can be interesting for you: “The basics of risk assessment and treatment according to ISO 27001”: https://advisera.com/27001academy/webinar/basics-risk-assessment-treatment-according-iso-27001-free-webinar-demand/
Maybe our methodology can also be interesting for you, so this article can be interesting for you: "How to assess consequences and likelihood in ISO 27001 risk analysis": https://advisera.com/27001academy/iso-27001-risk-assessment-treatment-management/#assessment
Finally, our online course can also be interesting for you: “ISO 27001:2013 Foundations Course”: https://advisera.com/training/iso-27001-foundations-course/