Guest
Risk assessment internal and external criteria and factors
What are the internal and external criteria and factors that are applied in risk assessment?
Expert
Rhand Leal
Oct 22, 2019
What are the internal and external criteria and factors that apply in the risk assessment?
Considering ISO 27005, the ISO standard for information security risk management, you have some of the following:
- Internal factors: business objectives, business processes, organizational structure, information assets
- External factors: geography, marketing trends, political and economic issues
- Risk evaluation criteria: strategic value of processes which handle business information, legal, regulatory and contractual requirements, business value of confidentiality, integrity, and availability
- Impact evaluation criteria: classification level of impacted information, affected operations (internal or of third-parties), breach of legal, regulatory or contractual requirements
- Risk acceptance criteria: business-related, legal and regulatory related, operational related, technological related, and financial related
This material will also help you regarding ISO 27001 risk management:
- Book ISO 27001 Risk Management in Plain English https://advisera.com/books/iso-27001-annex-controls-plain-english/