Risk assessment and treatment
How does Annex A relate to the risks? I understand there are 114 security controls (?) that the standard defines in Annex A. Do we need to refer to all of them and for each one indicate if it is relevant? And if relevant, then I fill in the relevant doc? What table do I use to do that?
Actually, to put it in other words, I would appreciate a clarification of the process between folders 5, 6, and 8 (Annex A). For me there is too much info and videos on the site. It is overloaded and I can't find what is relevant, and I do not want to spend too much time viewing all of that. Can you list the process in a few sentences in regard to the risk and security controls? What do I need to do and what tables do I use?
Answer:
Basically you are referring to the risk assessment and risk treatment processes, where relevant risks are identified and proper treatment actions and controls from ISO 27001 Annex A are chosen.
For a view of these processes, with the use of real data as examples, you can see these video tutorials included in your toolkit:
- #105 How to implement risk assessment
- #106 How to implement risk treatment
Jul 23, 2019