Expert Advice Community

Form for the Risk acceptance

Guest user. Created: Jan 13, 2016. Last commented: Jan 13, 2016.

ISO 27001 RISK TREATMENT PLAN

Determine responsibilities for the implementation of controls.

AntonioS Jan 13, 2016

I wonder if you have more information about Risk Acceptance by way of ‘Forms’.
E.g., once a risk is accepted, what kind of form examples do you have so the acceptance can be signed off?

Answer:

You will find a form for accepting the residual risks in section 4 of the Statement of Applicability (folder: 06 Statement of Applicability). Anyway, I will give you another option: Hold a meeting with top management and talk about the risk acceptance. Include the results of the meeting in the minutes, which must be signed by all attendees. You can use these minutes, instead of a “form”, as evidence of the accepted risk of the organization.

Finally, I think that this article can be interesting for you: “Risk appetite and its influence over ISO 27001 implementation”, https://advisera.com/27001academy/blog/2014/09/08/risk-appetite-influence-iso-27001-implementation/
