More than one risk owner for one risk?
Assign topic to the user
Answer:
It is not common, I mean, generally a risk has an unique risk owner, because the risk owner is a person or entity with the accountability and authority to manage a risk, and commonly it is for an unique person or entity. For example, the risk owner of a server generally is the head of the IT department. For more information about the risk owner, please read this article “Risk owners vs. Asset owners in ISO 27001:2013” : https://advisera.com/27001academy/knowledgebase/risk-owners-vs-asset-owners-in-iso-270012013/
And our online course can be also interesting for you because we also talk about the risk owners “ISO 27001:2013 Foundations Course” : https://advisera.com/training/iso-27001-foundations-course/
Comment as guest or Sign in
Mar 18, 2016