Questions on Risk treatment table
Assign topic to the user
Answer: You should copy only those risks that are not acceptable - if you're using our Risk assessment methodology, the risks with values 3 and 4 are not acceptably.
And for certain risks, can we have same control? Like I have few assets with the risk of Disclosure/Leakage of Information, can I apply Confidentiality or disclosure agreements control for that risks?
Answer: Sure, you can apply some controls for several risks, while other controls will be applied only for one risk; further, you should apply several controls for one risk, just to make sure that risk is decreased.
Comment as guest or Sign in
Mar 31, 2016