New Focus on Risk Treatment Processes. ISO 27001 2022 has placed a greater emphasis on risk treatment processes and the use of Annex A controls. The updated Standard now requires organisations to consider the four options for treating risks: modification, retention, avoidance and sharing.
