Risk register (template)
This is a template for an ISMS risk register. It is intentionally empty by default to avoid inventing risks. Add entries only when they are explicitly agreed and in-scope.
| Owner | Information Security Officer |
| Contact | infra@lef.tec.br |
| Version | 0.1 |
| Last updated | 2025-12-24 |
| Review cadence | On updates |
Risk register
Section titled “Risk register”| ID | Risk statement | Scope link(s) | Likelihood | Impact | Current controls (links) | Treatment | Action(s) | Owner | Due | Status |
|---|---|---|---|---|---|---|---|---|---|---|
- Methodology lives in Risk management methodology.
- Control applicability decisions belong in the Statement of Applicability (SoA).