
ISO 27001 - Risk Treatment

As an organisation moves into the 'Do' Phase, it begins to formulate a risk treatment plan and starts to implement a number of controls identified during the Plan Phase. These controls could be technical, e.g. anti-virus, or management, e.g. security policies and processes. The risk assessment will identify the key threats and thus help organisations to prioritise control implementation. In URM’s opinion, it is important that organisations acknowledge that ISO 27001 is about continuous improvement, and that they implement the controls in the highest-risk areas first and do not try to do everything at once. Again, the key word is sustainability.

One of the absolute must-do activities in this phase, though, is the implementation of a security awareness and training programme. URM is one of the UK's leading training providers in the areas of information security and governance, business continuity, risk management and data protection.


Copyright © Ultima Risk Management, 2010. All Rights Reserved
