Guest user Created: Dec 31, 2018 Last commented: Dec 31, 2018

Risk management approach

Your book is very useful to me which it could guide me the way for start up to do risk management. But I wonder that is it ok ? If I write the new Risk framework + methodology for implement in my company by combine the both ISO and COBIT 5? or I can use only one among both?

0 0

Assign topic to the user

Select user

Expert

Rhand Leal Dec 31, 2018

Answer:

Requirements for risk management in ISO 27001 do not prescribe which approach to use, only that a process must be defined, so you can use requirements from both ISO 27001 and COBIT 5 to perform risk management without a problem.

This article will provide you further explanation about ISO 27001 and COBIT:
- How to integrate COSO, COBIT, and ISO 27001 frameworks https://advisera.com/27001academy/blog/2016/10/10/how-to-integrate-coso-cobit-and-iso-27001-frameworks/

This material will provide you further explanation about ISO 27001risk management:
- The basics of risk assessment and treatment according to ISO 27001 [free webinar] https://advisera.com/27001academy/webinar/basics-risk-assessment-treatment-according-iso-27001-free-webinar-demand/

Quote

0 0

Comment as guest or Sign in

HTML tags are not allowed

Name *

Email *

I accept the Privacy and Terms

Notify me when someone replies

Dec 31, 2018

Expert Advice Community