Expert Advice Community

Guest

ISO 27000 and ISO 31000

  Quote
Guest
Guest user Created:   Jan 27, 2021 Last commented:   Jan 27, 2021

ISO 27000 and ISO 31000

Which standard of ISO 27000 group or ISO 31000 determine owner of information assets as owner of the information risk? And the informational risk as a operational risk.

0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Jan 27, 2021

Please note that neither standard of ISO 27000 group, or from ISO 31000 group prescribes that the owner of information assets must be the owner of the information risk, nor that informational risk is an operational risk.

ISO 27001 requires, and ISO 31000 suggests, the definition of risk owner, but neither prescribes a framework to organize risks, so organizations are free to organize them as they see fit.

These articles will provide you a further explanation about risk owner and asset owner:

This material will also help you:

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Jan 27, 2021

Jan 27, 2021

Suggested Topics

Guest user Created:   Jan 12, 2016 ISO 27001 & 22301
Replies: 1
0 0

Vocalbulary

Guest user Created:   6h ago ISO 27001 & 22301
Replies: 1
0 0

AML-ISO 27001