Get 4 FREE months of Conformio to implement ISO 27001

Expert Advice Community

Guest

ISO 27001 Internal Auditor Exam - Expert Question

  Quote
Guest
Guest user Created:   Jun 29, 2022 Last commented:   Jun 29, 2022

ISO 27001 Internal Auditor Exam - Expert Question

Do you add or multiply to find risk? For the risk assessment to you add or multiply the impact and likelihood of risk? ISO 27001 under risk assessment the 3rd module called risk assessment it has a chart that has them added together and on the video he states they can be added or multiplied.  So I wanted to clarify, is it actually both if they ask on the exam?

0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Jun 29, 2022

 ISO 27001 does not prescribe how to relate impact and likelihood to define risk, so both approaches are acceptable.

For further information, see:

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Jun 29, 2022

Jun 29, 2022

Suggested Topics