Expert Advice Community

Guest

Removing approved risks in Conformio

  Quote
Guest
Guest user Created:   Oct 07, 2021 Last commented:   Oct 07, 2021

Removing approved risks in Conformio

How its possible to remove some threats and vulnerabilities that we already reviewed and approved?

0 0

Assign topic to the user

ISO 27001 RISK ASSESSMENT TABLE

Implement risk register using catalogues of vulnerabilities and threats.

ISO 27001 RISK ASSESSMENT TABLE

Implement risk register using catalogues of vulnerabilities and threats.

Expert
Rhand Leal Oct 07, 2021

From your question I’m assuming you want to remove some threats and vulnerabilities associated with an asset once the risk assessment and treatment process is concluded.

It is not possible to remove threats or vulnerabilities, but it is possible to make the risk not relevant any more - for that purpose  you have to enter the Risk Register, find the risk and decrease its likelihood and/or impact so that it becomes acceptable. Please note that this change will initiate changes in the Statement of Applicability and the Risk Treatment Plan, i.e. you will start a whole cycle of risk management. Therefore, we recommend these changes are made every 6 months.

In case the risk management process is not concluded, you can simply roll back the steps to eliminate/alter the risk.

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Oct 07, 2021

Oct 07, 2021

Suggested Topics