Diagram of 6 steps in ISO 27001 risk management

| Step | Document | Check these articles for more information |
|---|---|---|
| Define how the risks are going to be assessed and treated | Risk assessment & treatment methodology | How to write ISO 27001 risk assessment methodology |
| Identify the risks and evaluate how significant they are | Risk register / Risk assessment sheet | ISO 27001 risk assessment: How to match assets, threats and vulnerabilities; How to assess consequences and likelihood in ISO 27001 risk analysis |
| Identify controls & other options to decrease risks | Risk register / Risk treatment sheet | 4 mitigation options in risk treatment according to ISO 27001 |
| Document the results of risk management | Risk assessment & treatment report | |
| Develop a security profile of the company - list all controls and their status | Statement of Applicability | The importance of Statement of Applicability for ISO 27001 |
| Create an implementation plan for controls not yet implemented | Risk treatment plan | Risk Treatment Plan and risk treatment process – What's the difference? |

Diagram label: Periodic risk review

For more information, check these general materials on risk management:

- (article) ISO 27001 risk assessment & treatment – 6 basic steps
- (webinar) The basics of risk assessment and treatment according to ISO 27001
- (paid templates) ISO 27001 Risk Assessment Toolkit

Courtesy of: 27001Academy https://advisera.com/27001academy/

Copyright ©2018 Advisera Expert Solutions Ltd