Drata

One of the new Requirements in ISO 27001:2022 is to establish a Threat Intelligence program (A.5.7). Below is an example Threat Assessment Plan for you to consider for Appendix A of your Risk Assessment Policy.

[Company] Security team is subscribed to the [ Threat Intelligence Tool / Security Leader’s Blog or Social Media / Security Newsletter / Information Sharing and Analysis Center (ISAC) / Vendor Alert or Status Feeds ], this list of threats is reviewed [Daily / Weekly / Monthly / Quarterly ] to identify new threats. The Security team analyzes each threat to determine if [Company] is susceptible to them. When a new threat that is applicable to [Company] is discovered, the Security team communicates this new threat to management via [ Appropriate Communication Channel].

New threats are treated according to the Vulnerability Management Policy, where threats are analyzed, prioritized for treatment, and then remediated as appropriate.

In the event that a new threat is discovered and there is evidence to suggest that it has been exploited by an attacker, the Security Team will follow the Incident Response Plan to respond to this event, which is treated as a security incident.

Example Threat Assessment Plan

Find answers and get help from Intercom Support and Community Experts

Empty Help Center

Uh oh. That page doesn’t exist.

Disappointed

Neutral

Smiley

Title

Track the progress of all tickets related to your company.

Tickets portal.

{assigneeName} needs more information from you