Importance of CIA aspects
Assign topic to the user
Answer: There is no general single answer, since the impacts on information security confidentiality, integrity, or availability for each asset in your scope will vary depending upon the considered threats, which are to be identified during risk assessment. For example, for the asset "research and development information" the threat "fire" will have availability as the aspect most affected, while for the threat "unintentional change of data" the integrity is the most affect aspect.
This article will provide you further explanation about risk assessment:
- ISO 27001 risk assessment: How to match assets, threats and vulnerabilities https://advisera.com/27001academy/knowledgebase/iso-27001-risk-assessment-how-to-match-assets-threats-and-vulnerabilities/
- How to assess consequences and likelihood in ISO 27001 risk analysis https://advisera.com/books/secure-and-simple-a-small-business-guide-to-implementing-iso-27001-on-your-own/
- Free online training ISO 27001 Foundations Course https://advisera.com/training/iso-27001-foundations-course/
Comment as guest or Sign in
Jan 21, 2017