RISK-0005
Risk summary
- Likelihood
- 4
- Impact
- 4
- Score
- 16
- Level
- High
- 01
Asset
ISMS improvement loop, control effectiveness records, corrective action process, and affected business processes.
Business object or system that needs protection. - 02
Threat
Recurring attacker technique, recurring human error, recurring supplier weakness, or recurring control failure.
Event, actor, or condition that can create harm. - 03
Vulnerability
Post-incident reviews are skipped, root cause stops at symptoms, corrective actions are not owned, and lessons do not update controls, training, supplier management, or risk assessment.
Weakness that makes the threat relevant. - 04
Risk
Because incident knowledge is not converted into corrective actions, the same failure mode may recur and leave the organization exposed to preventable incidents.
Scenario evaluated with likelihood, impact, and ownership. - 05
Treatment
Mitigate through post-incident review, root-cause analysis, corrective action ownership, closure evidence, management review input, and risk reassessment.
Decision path for reducing, accepting, transferring, or avoiding risk.
Controls that treat the risk
Evidence that proves operation
Assessment Rationale
Likelihood
The likelihood is high because unresolved control gaps tend to reappear. If incidents only restore service and do not improve controls, the organization pays for the same weakness multiple times.
Impact
The impact is medium-high because repeated incidents increase cost, audit findings, management concern, and customer distrust even when each single incident is not catastrophic.
Residual Risk
After treatment, residual risk is estimated as medium when corrective actions are tracked to closure and lessons visibly change controls, training, or procedures.
Review Notes
Review during management review, after recurring minor events, and after any major incident that exposes control or process weakness.
Software Object Mapping
- risk
- incident
- lessons_learned
- control
- evidence
- Iso27005
- Risk
- Iso27001
- Incident management
- Continual improvement
Note Metadata
Aliases: RISK-0005
Source: 05-Risk-Knowledge-Base/RISK-0005-Repeat-Incident-Without-Lessons-Learned.md