Expert Advice Community

How to link risk assessment to Statement of Applicability

Guest user Created:   Jan 12, 2016 Last commented:   Jan 12, 2016

Many thanks for a very good webinar. One question came to mind after the webinar… once you have done your risk assessment and have a solid table listing your risks and their significance, how do you then link that to the SOA and pick the controls you want?
DejanK Jan 12, 2016

Answer: Once you identify all the risks, you have to select the ones that are not acceptable. For those unacceptable risks you have to select controls or other options for treating the risks - this is done through some kind of a risk treatment table. Once you select all the controls you want, then you start writing the Statement of Applicability.
