It would be appreciated if in the "Evaluation of Trends and Threat, and synthesis" phase that we could select the threat(s) that are in the scope of the risk analysis.
In ISO 27005, you have to select the threats that you desire to put in the scope of your analysis, for the moment all threats (30) are imposed to be selected in the risk analysis.
By allowing to select the "in-scope" threats, the risk analysis will be eased by only focusing on the selected threats.
Dear Monarc,
It would be appreciated if in the "Evaluation of Trends and Threat, and synthesis" phase that we could select the threat(s) that are in the scope of the risk analysis.
In ISO 27005, you have to select the threats that you desire to put in the scope of your analysis, for the moment all threats (30) are imposed to be selected in the risk analysis.
By allowing to select the "in-scope" threats, the risk analysis will be eased by only focusing on the selected threats.
Best Regards