Expert Advice Community

Guest

Risk assessments

  Quote
Guest
Guest user Created:   May 25, 2020 Last commented:   May 25, 2020

Risk assessments

I purchased your ISO 27001 document toolkit, along with various books.

With regard to the risk assessment, it’s my first time doing this exercise  – while the training & templates are useful, I am a little concerned I’m making it more complicated than it needs to be for a business of our size.

As with anything, there are levels of detail you can take it to, and I suspect I might be going too deep.

I was wondering if you had any real example risk assessments for a small/medium-sized *** company that you think are good and would be able to share with me (even if they are a little old)?

While the theory and examples are useful, I think seeing a real one would help me measure the depth required and if I’m on the right track.

0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal May 25, 2020

As for a practical example of risk assessment, I suggest you take a look at this free downloadable material: Diagram of ISO 27001:2013 Risk Assessment and Treatment process (PDF) Diagram of ISO 27001:2013 Risk Assessment and Treatment process (PDF) https://info.advisera.com/27001academy/free-download/diagram-of-iso-270012013-risk-assessment-and-treatment-processatment-process

The diagram shows the ISO 27001 Risk Assessment and Treatment process, considering an asset – threat – vulnerability approach.

Please note that included with your toolkit there is access to a video tutorial that can help you understand and fill in the risk assessment and risk treatment tables, using real data as an example.

These articles will provide you a further explanation about risk assessment:

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

May 25, 2020

May 25, 2020