The 2013 version (with 2019 amendment) doesn’t prescribe how to assess risk — you could use OCTAVE, NIST, FAIR, or even a simple qualitative scale. Many companies overcomplicate this.
– Climate action changes (mainly adding Clause 4.1 and 4.2 regarding climate-related risks and interested parties).
The 2013 version (with 2019 amendment) doesn’t prescribe how to assess risk — you could use OCTAVE, NIST, FAIR, or even a simple qualitative scale. Many companies overcomplicate this.
– Climate action changes (mainly adding Clause 4.1 and 4.2 regarding climate-related risks and interested parties). iso 27001 2019