Assets analysis

Answer: For ISO 27001 all assets are valued regarding the impact of loss of confidentiality, integrity and availability of the information. Such valuation is performed during the risk assessment process.

So when you think about General Manager you have to think about the potential impact if the confidentiality, integrity or availability of the information the manager needs to perform his function, or creates and provides as result of his work, is endangered.

2. For Software Asset dependency, its goes the same?

Answer: Yes, you can have the same approach: the potential impact on information the software needs to perform its function or, on the other way, the impact on information the software creates and makes available to organization.

This article w ill provide you further explanation about asset management:
- How to handle Asset register (Asset inventory) according to ISO 27001 https://advisera.com/27001academy/knowledgebase/how-to-handle-asset-register-asset-inventory-according-to-iso-27001/
- ISO 27001 risk assessment: How to match assets, threats and vulnerabilities https://advisera.com/27001academy/knowledgebase/iso-27001-risk-assessment-how-to-match-assets-threats-and-vulnerabilities/

These materials will also help you regarding asset management and risk assessment:
- Book Secure & Simple: A Small-Business Guide to Implementing ISO 27001 On Your Own https://advisera.com/books/secure-and-simple-a-small-business-guide-to-implementing-iso-27001-on-your-own/
- Free online training ISO 27001 Foundations Course https://advisera.com/training/iso-27001-foundations-course/