Toolkit content
Assign topic to the user
First of all, we're sorry about this misunderstanding.
In the context of ISO 27001, "analysis" means the assessment of consequences and likelihood to define how big a risk is, and there is no need to perform any additional analysis. The Methodology document in your toolkit explains the criteria for assessing consequences and likelihood, and the Excel sheet enables you to do it quickly by selecting the values and the risks are calculated automatically.
For further information, see:
- ISO 27001/ISO 27005 risk assessment & treatment – 6 basic steps https://advisera.com/27001academy/knowledgebase/iso-27001-risk-assessment-treatment-6-basic-steps/
- How to assess consequences and likelihood in ISO 27001 risk analysis https://advisera.com/27001academy/iso-27001-risk-assessment-treatment-management/#assessment
Comment as guest or Sign in
Sep 10, 2021