Identifying risks, risk management methods, risk registers, (cyber) threat assessments, threat intelligence sharing, sharing best practices
The topics suggested by the community:
- Risk catalogue
- Risk assessment template/guidelines
- Risk management template/guidelines
- MISP & other threat sharing instruments
- Risk management outside Europe
- Risk of outsourcing - measuring by contracts, laws
- Setting up risk assessment sessions within NRENs (boards, management, etc)
Additional topics (25 October consultation):
- templates for risk acceptance/temp authorized non-compliance
- It could be part of the Information Security Management but also on General risk Management -> ISO 31kIdentify and share best practices
- Establish collaboration mechanism