Back

Employ third parties when implementing a risk assessment, as necessary.


CONTROL ID
16306
CONTROL TYPE
Human Resources Management
CLASSIFICATION
Detective

SUPPORTING AND SUPPORTED CONTROLS



This Control directly supports the implied Control(s):
  • Establish, implement, and maintain a risk assessment program., CC ID: 00687

There are no implementation support Controls.


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH



  • One method for risk analysis is the approach described in BSI Standard 200-3 Risk analysis based on IT-Grundschutz. A summary of this methodology is provided in Section 8.5. The successful implementation of a risk analysis depends critically on the expertise of the project team. Therefore, it is fre… (§ 7.8 ¶ 2, BSI-Standard 200-2 IT-Grundschutz Methodology, Version 1.0)