P
Hi,
Most of the Risk assessment templates that I have seen are all Asset based. You start with asset register, and look for risks and mitigation plans.
I guess that was a standard approach in ISO 27001:2005. There are a couple of templates on the internet, however they are again asset based.
ISO 27001:2013 does not necessarily ask for Asset based risk assessment. What I am looking for is a sample template for assessing risks and opportunities that possibly takes a different approach. It could be a process based approach too.
If anyone can share such a template, it would be great to know.
Thanks.
Most of the Risk assessment templates that I have seen are all Asset based. You start with asset register, and look for risks and mitigation plans.
I guess that was a standard approach in ISO 27001:2005. There are a couple of templates on the internet, however they are again asset based.
ISO 27001:2013 does not necessarily ask for Asset based risk assessment. What I am looking for is a sample template for assessing risks and opportunities that possibly takes a different approach. It could be a process based approach too.
If anyone can share such a template, it would be great to know.
Thanks.