Expert Advice Community

Guest

Psychology within the scope of risk treatment and analysis

  Quote
Guest
Guest user Created:   Sep 22, 2020 Last commented:   Sep 22, 2020

Psychology within the scope of risk treatment and analysis

Thanks for the update on the course. I have a project that is still in development and I was wondering if you had any information on the issue of psychology within the scope of risk treatment and analysis. If we're going to build the profile of a job that contains a risk at any level either within the task sequence or the individual assessment of the task, how do we determine the responsible strategy of analysis of the situation.

0 0

Assign topic to the user

Assign

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Sep 22, 2020

Psychology within risk treatment is out of our field of expertise, but in a general way, for every risk where the human factor is involved, you should consider means, motivation, and opportunity when analyzing a situation. By elimination of these elements from the situation, you can decrease the risk, and for controls, you should consider:

  • definition of roles, responsibilities, and authorities, so people understand what is expected from them (this provide guidelines for the other two practices)
  • awareness and training, so people understand why information security is important, the consequences of incidents, and how to perform their activities (this decreases motivation)
  • segregation of duties, so a single person cannot perform all required task (this decrease means and opportunities).

These articles will provide you a further explanation:

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Sep 22, 2020

Sep 22, 2020

Suggested Topics

Kamil Created:   Jul 22, 2021 ISO 27001 & 22301
Replies: 2
0 0

Risk owner problem

Guest user Created:   Jul 17, 2021 ISO 27001 & 22301
Replies: 1
0 0

Scope definition

Guest user Created:   Jul 07, 2021 ISO 27001 & 22301
Replies: 1
0 1

Scope question