Expert Advice Community

Guest

Risk Control Table

  Quote
Guest
Guest user Created:   May 07, 2021 Last commented:   May 07, 2021

Risk Control Table

I will look forward to hearing from the expert.

https://i.imgur.com/4sFGP38.png

In the example above in the screenshot I have given the consequence score of because of the existing controls. But should I be putting in the score prior to consideration of controls, which would be a' and then putting the lower Risk score into the Risk Treatment Table after consideration of the controls, even though they are already in place?

0 0

Assign topic to the user

Assign

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal May 07, 2021

When you assess the impact and the likelihood of a risk, you have to take into account the existing controls, filling in the information about them in the column "Existing controls", so your example is the proper way to assess risks when controls are already implemented.

This article will provide you a further explanation about likelihood and impact:

This material will also help you regarding risk management:

Quote
0 1

Comment as guest or Sign in

HTML tags are not allowed

May 07, 2021

May 07, 2021