Guest user Created: Apr 11, 2017 Last commented: Apr 11, 2017

Risk management in e-learning course

I need a clarification. Talking about the Risk Assessment and_Risk Treatment Methodology it is enough to attend the specific chapter in your e-learning course, in order to manage the Risk Phase (small organization, starting from the scratch).

0 0

Assign topic to the user

Select user

Expert

Rhand Leal Apr 11, 2017

Answer: No. The course was designed to help you understand ISO 27001 and manage risks using its content, but to do it properly you should attend all modules related to clauses 6 (planning), 8 (Operation) and Annex A, which would be modules 2, 3, 4, and 6. If you attend only module 3 you will miss items like Information security objectives [clause 6.2], and applicable controls [Annex A]

This article will provide you further explanation about risk management:
- ISO 27001 risk assessment & treatment – 6 basic steps https://advisera.com/27001academy/knowledgebase/iso-27001-risk-assessment-treatment-6-basic-steps/

This material will also help you regarding risk management:
- Book ISO 27001 Risk Management in Plain English https://advisera.com/books/iso-27001-annex-controls-plain-english/
- The basics of risk assessment and treatment according to ISO 27001 [free webinar on demand] https://advisera.com/27001academy/webinar/basics-risk-assessment-treatment-according-iso-27001-free-webinar-demand/

Quote

0 0

Comment as guest or Sign in

HTML tags are not allowed

Name *

Email *

I accept the Privacy and Terms

Notify me when someone replies

Apr 11, 2017

Expert Advice Community