Expert Advice Community


ISMS documentation

Guest user Created:   May 01, 2019 Last commented:   May 01, 2019


At what stage in the documentation is risk assessment carried out?

Expert
Rhand Leal May 01, 2019

Answer:

In the ISMS implementation, the risk assessment and treatment process is performed after ISMS scope and Information Security Policy definition, starting with the definition of the Risk Assessment and Treatment Methodology.

After implementation, risk assessment is normally performed once a year or every time there is a significant change in the organizational context.

These articles will provide you with further explanation about risk assessment:
- ISO 27001 implementation checklist https://advisera.com/27001academy/knowledgebase/iso-27001-implementation-checklist/
- ISO 27001 risk assessment & treatment – 6 basic steps https://advisera.com/27001academy/knowledgebase/iso-27001-risk-assessment-treatment-6-basic-steps/
