ISO 27001 Clause 6.1.2 Information security risk assessment process
Required activity The organization defines and applies an information security risk assessment process. Explanation The organization defines an information security risk assessment process that: Establishes and maintains; The Risk acceptance criteria; Criteria for performing information security risk assessments, which may include criteria for assessing the consequence and likelihood, and rules for the determination of the …
ISO 27001 Clause 6.1.2 Information security risk assessment process Read More »