Expert Advice Community

Guest

Assets inventory

  Quote
Guest
Guest user Created:   Dec 06, 2018 Last commented:   Dec 06, 2018

Assets inventory

I’m busy with making an inventory of our assets and to start assessing the risks. I see that you’re f.e suggesting keys or UPS devices as an asset. For me both relate to another asset namely: building/office and the server room.
0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Dec 06, 2018
If we take some examples of the asset list we could easily do a risk assessment of the building or the server room and come to the same risks. f.e. threat: theft and vulnerability: inadequate procedure for protecting the “keys” or threat: interruption of power supply, vulnerability: old “UPS” with no maintenance, etc.
I can come up with many other examples such as air-conditioning, alarm etc. as the risks could be found with other related assets. How should we deal with this ? I suppose it doesn’t matter ? As long as we identify the risks ?

Answer:

The lists provided in the templates are only suggestions for you to use if you can't come up with your own elements, so you can use only your own assets, threats and risks to build you inventory and risk assessment (it seems to me that by your examples you already understood the concepts for performing risk assessment).

It is important to note that you can also group the assets if threats/vulnerabilities are similar.

These articles will provide you further explanation about inventory and risk assessment:
- How to handle Asset register (Asset inventory) according to ISO 27001 https://advisera.com/27001academy/knowledgebase/how-to-handle-asset-register-asset-inventory-according-to-iso-27001/
- ISO 27001 risk assessment: How to match assets, threats and vulnerabilities https://advisera.com/27001academy/knowledgebase/iso-27001-risk-assessment-how-to-match-assets-threats-and-vulnerabilities/
Quote
0 1

Comment as guest or Sign in

HTML tags are not allowed

Dec 06, 2018

Dec 06, 2018

Suggested Topics

Guest user Created:   Aug 20, 2020 ISO 27001 & 22301
Replies: 1
0 0

Assets Inventory

Thierry Soleil Created:   Jan 22, 2019 ISO 27001 & 22301
Replies: 2
0 0

Assets inventory list.