Security Risk Assessments

Does your organisation conduct security risk assessments for your full IT estate at least annually? Do you have a formally documented and board-level approved risk management framework? Do you conduct regular risk and control assessments, taking into account the latest vulnerabilities and changes to the threat landscape?

Yes, as part of our ISMS we have a fully documented risk assessment and treatment process, which is reviewed regularly and at least annually. We maintain an organisation-wide risk register for IT and data security issues.