Information assets
Assign topic to the user
Answer:
I am sorry but ISO 27001 does not establish who determines what constitute an information asset, although the best practice is that the identification of assets is performed by all people involved in the implementation of the standard.
Anyway, one of the most relevant people involved in the implementation (and maintenance) of the ISO 27001 is the CISO (he coordinates the whole project and one of his activities is the asset management). Another important question is the asset owner, which is the employee that operates the asset. This article can be interesting for you “What is the job of Chief Information Security Officer (CISO) in ISO 27001?” : https://advisera.com/27001academy/knowledgebase/what-is-the-job-of-chief-information-security-officer-ciso-in-iso-27001/
This article can be also inter esting for you "ISO 27001 risk assessment: How to match assets, threats and vulnerabilities" : https://advisera.com/27001academy/knowledgebase/iso-27001-risk-assessment-how-to-match-assets-threats-and-vulnerabilities/
And our online course can be also interesting for you because we give more information about the assets “ISO 27001:2013 Foundations Course” : https://advisera.com/training/iso-27001-foundations-course/
Comment as guest or Sign in
May 18, 2016