Expert Advice Community

Guest

Group of assets

  Quote
Guest
Guest user Created:   Jan 13, 2016 Last commented:   Jan 13, 2016

Group of assets

0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Guest
AntonioS Jan 13, 2016

I have a question about listing assets for the risk assessment.  Is it acceptable to list similar assets under a single asset item (e.g. "laptops") instead of listing every item individually?

Assuming this might be ok, is it then acceptable to add more specific items to the same list.  E.g. "All Dell laptops" or "Jane Smith's laptop"? Otherwise it seems that the list of assets and risk assessment items could easily grow to impractical or unmanageable proportions.

 

Answer:

Yes, you can create group of assets, for example “laptops” if they have the same threats/vulnerabilities and also the same risk. Regarding your second question, you need to take care, because you can have laptops –located in others facilities or other companies- which can have different threats/vulnerabilities and risks, so in this case you cannot include them in the same group “laptops”. It is also important to think about the data that the laptop has: If Jane Smith is for example the head of HR Department, maybe has confidential information (which is not in oth er laptop) and is critical for the business. So from my point of view in this case will be better to have an individual asset.
This article can be interesting for you “How to handle Asset register (Asset inventory) according to ISO 27001” : https://advisera.com/27001academy/knowledgebase/how-to-handle-asset-register-asset-inventory-according-to-iso-27001/

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Jan 13, 2016

Jan 13, 2016

Suggested Topics

Guest user Created:   Jan 12, 2016 ISO 27001 & 22301
Replies: 1
0 0

Group of assets

Guest user Created:   Apr 29, 2021 ISO 27001 & 22301
Replies: 1
0 0

CONFORMIO - Assets management

Guest user Created:   Jul 13, 2019 ISO 27001 & 22301
Replies: 1
0 0

Responsible for personnel