Get FREE 12-month access to the AI-Powered Knowledge Base worth $450
with your ISO 27001 toolkit purchase
Limited-time offer – ends June 27, 2024

Expert Advice Community

Guest

Risk Assessment vs Incident Management

  Quote
Guest
DejanK Created:   Jan 12, 2016

Risk Assessment vs Incident Management

We've received the following questions: 1. I would like to know difference between Risk Assessment and Incident Management 2. During risk assessment, we consider Disaster as risk, how can it become incident later, even it identified earlier Answers: 1) Risk assessment is a process where you try to identify all the potential security breaches that might happen in the future. Incidents are the risks that have materialized, i.e. the real breaches that have happened; incident management is a process for managing incidents. 2) Disaster itself is not a risk, it is a threat; it can become an incident if you didn't implement all the security controls to prevent such an incident.
0 1

Assign topic to the user

ISO 27001 RISK ASSESSMENT TABLE

Implement risk register using catalogues of vulnerabilities and threats.

ISO 27001 RISK ASSESSMENT TABLE

Implement risk register using catalogues of vulnerabilities and threats.

Comment as guest or Sign in

HTML tags are not allowed

Jan 12, 2016

Jan 12, 2016

Suggested Topics

Ash Created:   Jan 21, 2024 ISO 27001 & 22301
Replies: 1
0 0

ISO 27001 Internal Audits

Guest user Created:   Oct 07, 2022 ISO 27001 & 22301
Replies: 1
0 0

Documentation request

Guest user Created:   Apr 27, 2022 ISO 27001 & 22301
Replies: 1
0 0

SaaS provider