If I understood correctly, you want a diagram to show the relationship between assets and threats.
Considering that, first is important to note that for certification purposes ISO 27001 does not require such a diagram. By including it in the toolkit, it would only make it unnecessarily complex.
If you need this diagram for other purposes, you can find an example on how to build such a diagram in this link: https://info.advisera.com/27001academy/free-download/diagram-of-iso-270012013-risk-assessment-and-treatment-process
This diagram shows the ISO 27001 Risk Assessment and Treatment process, considering an asset – threat – vulnerability approach.
Comment as guest or Sign in
Mar 06, 2020