| General : | |
| Version: | 1.0 |
| Project : | |
| Author: | Wolfgang Kern |
| Status: | Approved |
| Created: | 04.03.2015 08:16:52 |
| Modified: | 00:00:00 |
|
|
|
|
|
EA Project Browser
Overview- Organisation Chart
- Staff
- Roles
- Projects
- SOPs
- Templates
- Software tools
- Equipment
- Facilities
- Products
- Compliance
Compliance
ISO 13485:2016-08 Qualitätsmanagement- ISO 13485:2012-11 Quality management
- ISO 14971 Risk management
- IEC 62304 Software life-cycle processes
- IEC 62366 Usability
- CFR 820 Code of Federal Regulations Title 21
- Council directive 93/42/EEC, Annex II
- ISO 27001 Information technology - Security techniques
- ISO 27001 Information technology - Security techniques
- 4 Context of the organisation
- 5 Leadership
- 6 Planning
- 6 Planning
- 6.1 Actions to address risks and opportunities
- 6.1 Actions to address risks and opportunities
- 6.1.1 General
- 6.1.2 Information security risk assessment
6.1.2 Information security risk assessment
«Functional» 6.1.2 a1) ISMS process establish and maintain information security risk criteria including risk acceptance criteria- «Functional» 6.1.2 a2) ISMS processes establish and maintain information security risk criteria including criteria for performing information security risk assessments
- «Functional» 6.1.2 b) Ensures that repeated information security risk assessments produce consistent, valid and comparable results
- «Functional» 6.1.2 c1) Apply the information security risk assessment process to identify risks associated with the loss of confidentiality, integrity and availability for information within the scope of the information security management system
- «Functional» 6.1.2 c2) Information security risks assessment shall identify the risk owners
- «Functional» 6.1.2 d1) Informaton security risk assessment shall assess the potential consequences that would result if the risks identified in 6.1.2 c) were to materialize
- «Functional» 6.1.2 d2) Analyse information security risks and assess the realistic likelihood of the occurence of the risk identified
- 6.1.3 Information security risk treatment
- 6.2 Information security objectives and planning to achieve them
- 7 Support
- 8 Operation
- 9 Performance evaluation
- 10 Improvement
- IEC 60601-1 Processes
- Sandbox