Answer: ISO 27001 does not require you to assess assets, but it does require you to assess likelihood and impact of a risk. When the impact of a risk is assessed, you have to take into account the effects of this risk on the confidentialiy, integrity and availability of your data.
Q2: Does the RTP have to cover all risks identified against each of the controls or only high/medium risks identified from your risk assessment performed against the companies assets?
Answer: The Risk Treatment Plan (RTP) has to cover only the controls that have not yet been implemented - it doesn't matter to which assets or risks those controls are related to. The risk treatment process has a differentu purpose than the RTP - it has to cover only the unacceptable risks, i.e. the highest risks you identified during the risk assessment process.