Guest user Created: Feb 02, 2019 Last commented: Feb 02, 2019

The Risk Treatment Plan and the Implementation Plan

Section 10. It says “Implementation plan” but the document states “Risk Treatment plan”. Risk seems to be under section 7. Please explain

0 0

Assign topic to the user

Select user

Expert

Rhand Leal Feb 02, 2019

Answer:

First we apologize for the confusion.

The Risk Treatment Plan and the Implementation Plan are the same thing.

The "Risk Treatment Plan" template on section 10 is more related to the "do" phase of the project, when you are in fact implementing the controls, while the Risk Assessment and Risk Treatment process, which documents are described on section 7 are related to the "planning"phase of the project. That's why these documents are on separated sections.

This article will provide you more information:
- Risk Treatment Plan and risk treatment process – What’s the difference? https://advisera.com/27001academy/iso-27001-risk-assessment-treatment-management/#treatment

Quote

0 0

Comment as guest or Sign in

HTML tags are not allowed

Name *

Email *

I accept the Privacy and Terms

Notify me when someone replies

Feb 02, 2019

Expert Advice Community