Scope, Context and Criteria
Previous iterations of AS ISO 31000:2018 Risk management – Guidelines and subordinate texts recommended that assessors define the External, Internal and (Security) Risk Context at the commencement of each assessment. This was changed within the 2018 version of the standard to documenting the Scope, Context and Criteria.
We believe that this makes much better sense and have ensured alignment with this approach within SECTARA. For ease of consumption, instructions on each individual element are linked below.