Section 6.1.2 of ISO 27001 explicitly requires compliant organisations to carry out risk assessments based on agreed risk acceptance criteria. Conducting the risk assessment is often a tricky and complicated task, especially if it is your first time doing so.
Receive risk assessment tips from the ISO 27001 experts in this free green paper:
- Understand the relationship between ISO 27001 and ISO 31000;
- Discover how to produce reliable and robust results in five simple steps;
- Identify the challenges you may face during the risk assessment process; and
- Recognise the importance of the risk assessment to the ISO 27001 SoA (Statement of Applicability).