Vulnerability identification
Assign topic to the user
Answer: You understanding is correct. Complicated procedures are prone to errors and the impacts you mentioned, and depending upon the results of your analysis and evaluation the application of security controls may be required.
This article will provide you further explanation about risk analysis:
- ISO 27001 risk assessment: How to match assets, threats and vulnerabilities https://advisera.com/27001academy/knowledgebase/iso-27001-risk-assessment-how-to-match-assets-threats-and-vulnerabilities/
This material will also help you regarding risk analysis:
- Book ISO 27001 Risk Management in Plain English https://advisera.com/books/iso-27001-annex-controls-plain-english/
Comment as guest or Sign in
Dec 16, 2017