Workshop – 4
Risk Treatment – Build the PDSP

After risk assessment comes the processes of risk treatment: identifying, evaluating and implementing the security measures needed to address the identified risks.

Risk treatment involves not just selecting controls, but understanding the outcomes of risk analysis: which risks are your priority; which risks should be handled by third parties; and which risks can be accepted.

We look beyond technical solutions to find the baseline changes to business processes required to address risk. The findings from your risk treatment analysis are used to compile your Protective Data Security Plan (PDSP).

Session Topics

Risk treatment, information security control selection, Protective Data Security Plan (PDSP).

Included Resources

Sample PDSP template and submission, ISO-27001 security controls.

Current workshop series is complete

Please see our new VPDSF Process Champion and VPDSF Lead Implementer courses for training opportunities.