Conduct periodic risk assessments designed to analyse existing information security risks, identify potential new risks, and evaluate the effectiveness of existing security controls
Maintain risk assessment processes designed to evaluate the likelihood of risk occurrence and the potential internal and external impacts in the event of occurrence
CISO, Head of Risk and function head approve any exceptions to the ISMS or risk management policies, procedures and guidelines
Document and track risk acceptances and related action items on an ongoing basis, relative to the agreed acceptance period