Free PDF download: Risk Assessment and ISO 27001
ISO 27001 requires the organisation to produce a set of reports, based on the risk assessment, for audit and certification purposes.
Section 6.1.2 of ISO 27001 explicitly requires compliant organisations to carry out risk assessments based on agreed risk acceptance criteria. Conducting the risk assessment is often a tricky and complicated task, especially if it is your first time doing so.
Download this informative guide to risk assessment and ISO 27001 to discover:
- The relationship between ISO 27001 and ISO 31000;
- How to produce reliable and robust results in five simple steps;
- The challenges you may face during the risk assessment process; and
- The importance of the risk assessment to the ISO 27001 SoA (Statement of Applicability).