From the course: ISO 27001:2022-Compliant Cybersecurity: Getting Started

Information security risk treatment (Clause 6.1.3)

- [Narrator] In clause 6.1.2, you assessed the risks to your organization. The next step involves addressing these risks through the process of information security risk treatment detailed in clause 6.1.3, which I'll cover in this video. This clause has three mandatory documents, your risk treatment methodology, a risk treatment plan, and the statement of applicability. I'll cover these in detail later in the video. Typical options for treating risk include avoiding the risk, controlling the risk to reduce the risk level, transferring the risk, accepting the risk, or some combination of these. It's up to your organization to decide how the risk is treated based on resources available and the impact to the organization if the risk is untreated. For each risk identified in your risk register, which you created when complying with clause 6.1.2, you're required to develop a risk treatment plan. And this plan should include the risk…
