Guest
Grouping of Assets in Risk Assessment Table
I’m working through the videos/templates that we purchased from you, and I have a question regarding the listing of assets in the Risk Assessment table.
We have 6 or 7 desktop PCs in each of our offices. Do I need to list each PC separately and repeat the same risk information over and over again in the Risk Assessment table, or can I just group them as “PCs Office 1” and “PCs Office 2”?
Assign topic to the user
ISO 27001 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more 
ISO 27001 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more
ISO 27001 DOCUMENTATION TOOLKIT
Step-by-step implementation for smaller companies.
Find out more
Expert
Rhand Leal
Dec 09, 2021
Both approaches are accepted by the standard. As a tip for planning on how to group assets, you should consider assets that share similar risks.
For example, you can have development PCs, Sales PCs, etc. In case all desktops share the same risks, you can use your PC's Office x” approach.
This article will provide you with a further explanation about the register of assets:
- How to handle Asset register (Asset inventory) according to ISO 27001 https://advisera.com/27001academy/knowledgebase/how-to-handle-asset-register-asset-inventory-according-to-iso-27001/
Comment as guest or Sign in
Dec 09, 2021
Dec 09, 2021
Dec 09, 2021