Expert Advice Community

Risk Acceptance Criteria

Guest user Created:   Jan 12, 2016 Last commented:   Jan 12, 2016

Our org is ISO 27001 certified. I want to design a risk acceptance criteria policy and need help with that. Actually, a few controls on risks involve high finance, so in this scenario how could we accept them with the approval of management?

AntonioS Jan 12, 2016

The organization can accept the risk, but as you know it is necessary to establish criteria. What criteria? Please read this article, “Risk appetite and its influence over ISO 27001 implementation”: https://advisera.com/27001academy/blog/2014/09/08/risk-appetite-influence-iso-27001-implementation/
 
And you always have to generate evidence; in this case, for the approval of top management you can use a record of a meeting.
