Expert Advice Community

Guest

Asset handling in risk assessment

  Quote
Guest
Guest user Created:   Oct 31, 2019 Last commented:   Oct 31, 2019

Asset handling in risk assessment

Thanks for the support and information you are giving us. I am now doing the risk assessment and I have a question for you. So we have different Asset owners and let's say they all have laptops. So do I need to put every laptop and its associated risks, threats, and vulnerabilities or I just categorize it as laptops?

0 0

Assign topic to the user

ISO 27001 RISK ASSESSMENT AND RISK TREATMENT METHODOLOGY

Define main rules for risk assessment and treatment.

ISO 27001 RISK ASSESSMENT AND RISK TREATMENT METHODOLOGY

Define main rules for risk assessment and treatment.

Expert
Rhand Leal Oct 31, 2019

In cases like this, you can use a single item like "corporate laptops" to refer to all laptops in your organization in the risk assessment process. Please note that, if you have a situation where different groups of laptops need to be treated differently, you can adopt multiple items, like "development laptops", "management laptops", etc.

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Oct 31, 2019

Oct 31, 2019