Assessment of processes
Assign topic to the user
Here you'll find a catalogue of threats and vulnerabilities: https://advisera.com/27001academy/knowledgebase/threats-vulnerabilities/
This catalogue is made for assessing threats and vulnerabilities of assets, but it can be used for processes as well. By the way, when speaking about ISO 27001, it is much better to do asset-based risk assessment because it gives much more precise results.
You can also read about the process of risk assessment here: https://advisera.com/27001academy/knowledgebase/iso-27001-risk-assessment-treatment-6-basic-steps/
Thanks, our Risk assessment is asset based assessment, we do have several processes that I wanted to know what could compromise their availability, Confidentiality and integrity from the list of Threats/Vulnrabilities.
Comment as guest or Sign in
Jan 12, 2016