Expert Advice Community


Information security risk treatment plan

Tiare Created:   Feb 01, 2021 Last commented:   Feb 04, 2021


What steps should I follow to determine the information security risk treatment plan?


Expert
Rhand Leal Feb 04, 2021

ISO 27001 does not prescribe how to develop the information security risk treatment plan, but as good practice, you should consider these steps:

  • definition of security controls to be implemented
  • who is responsible for implementing them
  • what are the deadlines for the implementation
  • which resources are needed (i.e. financial and human)
  • how the results will be evaluated

To see what a risk treatment plan looks like, please access the free demo of our Risk Treatment Plan at this link: https://advisera.com/27001academy/01academy/emy/ademy/my/documentation/risk-treatment-plan/

This article will provide you with further explanation about the risk treatment plan:
- Risk Treatment Plan and risk treatment process – What’s the difference? https://advisera.com/27001academy/01academy/emy/ademy/my/knowledgebase/risk-treatment-plan-and-risk-treatment-process-whats-the-difference/
