Risk assessment report

Answer: The risk assessment report should be a separated document from the risk assessment, because its purpose is to to present to top management the main results of the risk assessment, while the risk assessment document contains all information gathered, analysed and evaluated about the risks in the organization.

This article will provide you further explanation about the risk assessment process:
- ISO 27001 risk assessment & treatment – 6 basic steps https://advisera.com/27001academy/knowledgebase/iso-27001-risk-assessment-treatment-6-basic-steps/

These materials will also help you regarding risk assessment and treatment process:
- Book Secure & Simple: A Small-Business Guide to Implementing ISO 27001 On Your Own https://advisera.com/books/secure-and-simple-a-small-business-guide-to-implementing-iso-27001-on-your-own/
- The basics of risk assessment and treatment according to ISO 27001 [free webinar on dem and] https://advisera.com/27001academy/webinar/basics-risk-assessment-treatment-according-iso-27001-free-webinar-demand/