Tem­p­la­te Info­Sec Risk Manage­ment Method accor­ding to ISO 27001

Beschreibung

The method descrip­ti­on covers the com­ple­te life cycle of a risk ana­ly­sis, from the iden­ti­fi­ca­ti­on of hazards and values, through the defi­ni­ti­on of risk owners, to the cal­cu­la­ti­on of pro­ba­bi­li­ties of occur­rence and impacts, and cri­te­ria for risk accep­tance.

In the area of risk tre­at­ment, the method reli­es on the com­mon stra­te­gies of avo­id­ance, reduc­tion, off­loa­ding (e.g. through insu­rance) and acceptance.

The tem­p­la­te com­pri­ses approx. 7 pages as well as a list of ele­men­ta­ry hazards and accom­pany­ing tabu­lar tem­pla­tes for recor­ding risks and track­ing their mea­su­res. The method has been tes­ted seve­ral times in ISMS / ISO 27001 certifications.

Lan­guage: Ger­man / English

Licence: Digi­tal tem­p­la­te in Micro­soft Office for­mat with right of use for one com­pa­ny. The tem­p­la­te may be modi­fied as desi­red. No resa­le, no pas­sing on or com­mer­cial use by con­sul­ting com­pa­nies is permitted.