ISO 31010 and Implementing Risk Assessment Techniques
We’ve previously discussed the role of risk assessment as defined by the International Organization of Standardization (ISO) 31000, and generally speaking, we’ve found that risk management is a key practice to supporting security and compliance. To better support organizations approaching risk assessment, ISO published the supplementary document, ISO/IEC 31010, “Risk assessment technique.”
In this article, we’ll provide a brief overview of the processes and techniques advocated by this publication.