The Risk Treatment Plan and the Implementation Plan
Assign topic to the user
Answer:
First we apologize for the confusion.
The Risk Treatment Plan and the Implementation Plan are the same thing.
The "Risk Treatment Plan" template on section 10 is more related to the "do" phase of the project, when you are in fact implementing the controls, while the Risk Assessment and Risk Treatment process, which documents are described on section 7 are related to the "planning"phase of the project. That's why these documents are on separated sections.
This article will provide you more information:
- Risk Treatment Plan and risk treatment process – What’s the difference? https://advisera.com/27001academy/iso-27001-risk-assessment-treatment-management/#treatment
Comment as guest or Sign in
Feb 02, 2019