Get a 20% discount on the first year of the Company Training Academy annual plan.
Limited-time offer – ends April 24, 2025
Use promo code:
CTA20

Expert Advice Community

Home / ISO 27001 & 22301 / Measurement of the absolute risk

Guest

Measurement of the absolute risk

ISO 27001 & 22301
  Quote
Guest
Guest post Created:   Jan 12, 2016 Last commented:   Jan 12, 2016

Measurement of the absolute risk

ISO 27001 & 22301
Hi friends, Could you help me with the following question please: To measure the absolute risk, is necessary to evaluate the asset without protections neither controls of any kind, or it is measure with the protections or controls implemented currently on the asset? Which would be the best approach and why? Which you use and recommend? Thank so much Best regards.
0 0

Assign topic to the user

ISO 27001 RISK ASSESSMENT TABLE

Implement risk register using catalogues of vulnerabilities and threats.

ISO 27001 RISK ASSESSMENT TABLE

Implement risk register using catalogues of vulnerabilities and threats.
Guest
AntonioS Jan 12, 2016

To evaluate the risk, you should take in consideration the security controls that exist in the organization for each asset. This approach is more real and more closer to the reality of your business, because considers the current controls. If not, you will have a point of view that not reflects the reality. So, our recommendation is the first approach, I mean, that you consider current security controls.

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Jan 12, 2016

Jan 12, 2016

Suggested Topics
Anna Browne Created:   Feb 13, 2025 ISO 27001 & 22301
Replies: 0
0 0

Edit Risk register
Lajvar Created:   Apr 29, 2024 ISO 27001 & 22301
Replies: 1
0 0

Risk treatment plan
Atheer AlMartan Created:   Feb 11, 2024 ISO 27001 & 22301
Replies: 1
0 0

Statement of Acceptance of Residual Risks