A reference to ISO 27001 chapter 5, Leadership, should be added here, specifically detailing how the organization addresses risk responsibilities and residual risks.


Risk assessment process

The risk assessment process can be divided into the following activities:

  • Mapping of information assets with valuation
  • Mapping of existing measures
  • Mapping of risk elements
  • Assessment of risk level (consequence and probability)
  • Measures in relation to risk factors
  • Categorization and prioritization of measures
  • Approval of measures
  • Implementation and follow-up of measures