We've received the following questions:
1. I would like to know difference between Risk Assessment and Incident Management
2. During risk assessment, we consider Disaster as risk, how can it become incident later, even it identified earlier
Answers:
1) Risk assessment is a process where you try to identify all the potential security breaches that might happen in the future. Incidents are the risks that have materialized, i.e. the real breaches that have happened; incident management is a process for managing incidents.
2) Disaster itself is not a risk, it is a threat; it can become an incident if you didn't implement all the security controls to prevent such an incident.
Assign topic to the user
ISO 27001 RISK ASSESSMENT AND TREATMENT REPORT
Document the results of the risk management process.
Get it now 
ISO 27001 RISK ASSESSMENT AND TREATMENT REPORT
Document the results of the risk management process.
Get it now
ISO 27001 RISK ASSESSMENT AND TREATMENT REPORT
Document the results of the risk management process.
Get it now
Comment as guest or Sign in
Jan 12, 2016
Jan 12, 2016
Jan 12, 2016