I wonder if you have more information about Risk Acceptance by way of Forms.
Ex. Once a risk is accepted, what kind of form examples do you have so the acceptance can be signed off?
Answer:
You will find a form for accepting the residual risks in section 4 of the Statement of Applicability (folder: 06 Statement of Applicability). Anyway, I will give you another option: Perform a meeting with top management and talk about the risk acceptance. Include the results of the meeting in a minute, which must be signed by all attendees. You can use this minute, instead of a form, as evidence of the accepted risk of the organization.
Finally, I think that this article can be interesting for you: Risk appetite and its influence over ISO 27001 implementation: https://advisera.com/27001academy/blog/2014/09/08/risk-appetite-influence-iso-27001-implementation/
Jan 12, 2016