Guest user Created: Jan 12, 2016 Last commented: Jan 12, 2016

Assets mentioned by the owner

I was asked a couple of days ago about how to make sure that the assets mentioned by the owner is truly a reliable one and how to distinguish it from other unreliable ones. Appreciate if you helped me in that matter.

0 0

Assign topic to the user

Select user

Guest

AntonioS Jan 12, 2016

From the point of view of ISO 27001, you need to identify risks related to assets, and the important here is to establish a risk owner and asset owner. Please, to see more information about the risk assessment & treatment, click here ISO 27001 risk assessment & treatment 6 basic steps: https://advisera.com/27001academy/knowledgebase/iso-27001-risk-assessment-treatment-6-basic-steps/

If you need more information about the differences between risk owner and asset owner, please see this Risk owners vs. Asset owners in ISO 27001:2013 : https://advisera.com/27001academy/knowledgebase/risk-owners-vs-asset-owners-in-iso-270012013/

Finally, keep in mind that you need to perform the internal audit to review whether the assets perform as expected. If you need more information about how to make your own intern al audit checklist, please read this article How to make an Internal Audit checklist for ISO 27001 / ISO 22301 : https://advisera.com/27001academy/knowledgebase/how-to-make-an-internal-audit-checklist-for-iso-27001-iso-22301/

Quote

0 0

Comment as guest or Sign in

HTML tags are not allowed

Name *

Email *

I accept the Privacy and Terms

Notify me when someone replies

Jan 12, 2016

Expert Advice Community