Risk mitigation and BC strategy
Assign topic to the user
As I had to take the exam and I still didn´t have answer for the question I bought ISO 27001 Risk Management, hoping to find the answer. But I didn´t.
The pocket book is really fine, though having read “Becoming resilient” most of the contents of the ISO 27001 Risk Management pocket book are exactly the same. But anyway I think I learned some new things.
Answer: Risk mitigation involves the implementation of controls to reduce the impact and/or probability of a risk to happen, so by mitigating risks before implementing the strategies for BC will help reduce the required resources to implement BC strategies. Regarding ISO 27001 Risk Manag ement, it has much more precise requirements regarding the timing of the mitigation - the controls do not need to be implemented right away, but they need to be planned through the Risk Treatment Plan.
For example, by installing a lightning rod system, you can reduce the need for a secondary site as result of a lighting storm damaging a build electrical infrastructure.
Comment as guest or Sign in
Jul 06, 2018