Hello, In 10.1 Appendix 1 the risk assessment table, do we need to enter each individual laptop/desktop computer with the various risks and vulnerabilities? Or is it acceptable to have an entry for laptops that goes through all the various risks and vulnerabilities that all laptops our company owns faces?
I bought in the past the the Advisera - ISO 27001-EU GDPR templates, but when I started using the Risk_Assessment_Table_27A_EN I found that the catalogue of Threats and Vulnerabilities is not enough and complete to manage a risk assessment in a good way. if there is a more detailed list of Threats and Vulnerabilities ?
I would like to know what is the difference between the Risk assessment table and Asset register, please?
Hello Advisera Team,
I have a question about Vulnerabilities in Risk assessment in ISO 27001: is it something which already has place, or something which could potentially happen in the future?
I mean, in your example below, if we have UPS, fire extinguisher, and fire protection, are all those risks not relevant for us? So we don’t enter them in our Risk Assessment Table?