Residual risks

1.- Curious to know if the aim is to generally to reduce residual risk or to absorb the costs of impacts that could not be mitigated. Are this the same things in your view?

2.- I was just appreciating this live chat feature. Very interesting approach. Is this supported by ISO as a regular function?

3.- Also useful to know if you are familiar with the Sendai Framework for Disaster Risk Reduction that was just adopted by all UN member States with full engagement of the private sector.

Answer:

Point 1:
The important here is to reduce the risk to an acceptable level, not the residual risk (residual risk is the risk reduced after you apply controls, reducing impact and/or probability). So, from my point of view there are different things, because you need to keep in mind the acceptable level of risk . If you need more information about the residual risk, please read this article “Why is residual risk so important?” : https://advisera.com/27001academy/knowledgebase/why-is-residual-risk-so-important/
Point 2:
Thank you! We are really glad you like our chat feature. Could you please explain what do you mean by is the chat a regular function supported by ISO?
Point 3:
No I am sorry, we do not have information about this framework, keep in mind that we have our own toolkit. If you are interested in risks, you can see a free version of our methodology here clicking on “Free Demo” tab “Risk Assessment and Risk Treatment Methodology” : https://advisera.com/27001academy/documentation/Risk-Assessment-and-Risk-Treatment-Methodology/ . Also you can see our Disaster Recovery Plan “Disaster Recovery Plan” : https://advisera.com/27001academy/documentation/disaster-recovery-plan/