Residual Risk Question
The risk assessment and treatment plan output document includes only the risk rating before the measures to mitigate risks. The auditor would like to see the measures taken to mitigate risk and the residual risk level in the output document. This information is available in the software but not in the pdf created by Conformio.
Could you please add this information to the pdf document?
Assign topic to the user
Please note that the information about measures taken to mitigate risk and the residual risk level can be found in Appendix 2 - Risk Treatment Sheet of the Risk Assessment and Treatment Report
You can find this document through the link “Documents” in the left panel in Conformio main screen, path ISO 27001 >> Lists reports statements and plans.
Comment as guest or Sign in
Dec 27, 2022