Guest user Created: Jan 12, 2016 Last commented: Jan 12, 2016

ISO 27001 risk assessment

I do understand how to go with Risk Assessment. I was able to identify the assets, vulnerabilities, threats and impacts. But I couldn't understand from Methodology, how to do the qualitative and quantitative analysis in order to move forward. Please I need your comprehensive assistance regarding this issue.

0 0

Assign topic to the user

Select user

Guest

DejanK Jan 12, 2016

Risk assessment methodology is a document that describes the rules for your risk assessment - therefore, you should write this methodology before starting to perform the risk assessment. It would be better to choose only the qualitative analysis in your methodology because quantitative is much more difficult, and it is not mandatory.

There materials will help you:

article ISO 27001 risk assessment & treatment 6 basic steps https://advisera.com/27001academy/knowledgebase/iso-27001-risk-assessment-treatment-6-basic-steps/
article How to write ISO 27001 risk assessment methodology https://advisera.com/27001academy/knowledgebase/write-iso-27001-risk-assessment-methodology/
webinar The basics of risk assessment and treatment ac cording to ISO 27001 https://advisera.com/27001academy/webinar/basics-risk-assessment-treatment-according-iso-27001-free-webinar-demand/

Quote

0 0

Comment as guest or Sign in

HTML tags are not allowed

Name *

Email *

I accept the Privacy and Terms

Notify me when someone replies

Jan 12, 2016

Expert Advice Community