
OIS-06 Risk Management Policy

Control Description

Policies and instructions for risk management procedures are documented, communicated and provided in accordance with SP-01 for the following aspects:

• Identification of risks associated with the loss of confidentiality, integrity, availability and authenticity of information within the scope of the ISMS and assigning risk owners;
• Analysis of the probability and impact of occurrence and determination of the level of risk;
• Evaluation of the risk analysis based on defined criteria for risk acceptance and prioritisation of handling;
• Handling of risks through measures, including approval of authorisation and acceptance of residual risks by risk owners; and
• Documentation of the activities implemented to enable consistent, valid and comparable results.

Additional criteria: -
