Skip to main content
Example Threat Assessment Plan
Ethan Heller avatar
Written by Ethan Heller
Updated over a week ago

One of the new Requirements in ISO 27001:2022 is to establish a Threat Intelligence program (A.5.7). Below is an example Threat Assessment Plan for you to consider for Appendix A of your Risk Assessment Policy.

[Company] Security team is subscribed to the [ Threat Intelligence Tool / Security Leader’s Blog or Social Media / Security Newsletter / Information Sharing and Analysis Center (ISAC) / Vendor Alert or Status Feeds ], this list of threats is reviewed [Daily / Weekly / Monthly / Quarterly ] to identify new threats. The Security team analyzes each threat to determine if [Company] is susceptible to them. When a new threat that is applicable to [Company] is discovered, the Security team communicates this new threat to management via [ Appropriate Communication Channel].

New threats are treated according to the Vulnerability Management Policy, where threats are analyzed, prioritized for treatment, and then remediated as appropriate.

In the event that a new threat is discovered and there is evidence to suggest that it has been exploited by an attacker, the Security Team will follow the Incident Response Plan to respond to this event, which is treated as a security incident.

Did this answer your question?