Guest
ISO 27001 Risk Assessments
When conducting an ISO 27001 risk assessment, are the risks identified through the ISO 27001 controls themselves, or are they just random risks that our business identifies?
Expert
Rhand Leal
Jul 04, 2022
To be compliant with ISO 27001, information security risks cannot be identified randomly; they need to be identified according to the defined risk assessment and treatment methodology.
These articles will provide you with further explanation about the risk assessment process:
- 6 main steps in risk management https://advisera.com/27001academy/iso-27001-risk-assessment-treatment-management/
- Risk assessment methodology https://advisera.com/27001academy/iso-27001-risk-assessment-treatment-management/#section3
- Risk assessment https://advisera.com/27001academy/iso-27001-risk-assessment-treatment-management/#assessment
- Risk treatment https://advisera.com/27001academy/iso-27001-risk-assessment-treatment-management/#treatment
These materials will also help you regarding risk management:
- Book ISO 27001 Risk Management in Plain English https://advisera.com/books/iso-27001-risk-management-in-plain-english/