Expert Advice Community

Home / ISO 27001 & 22301 / Inventory of assets

Guest

Inventory of assets

ISO 27001 & 22301
  Quote
Guest
Guest user Created:   Oct 04, 2017 Last commented:   Oct 04, 2017

Inventory of assets

ISO 27001 & 22301
I need assistance coming up with what could be company wide assets and risks. I have laptops, desktops, paper documentation, electronic documentation, fax/printer, off-site/external/outsourced services and the process that involves their deactivation of their accounts once terminated, and USB devices and memory sticks. These would be company wide assets that would apply to the company as a whole. Physical security and building management will be worked on by the building manager. For company wide assets, I cannot think of anymore... company assets that will need some sort of control that will be relevant for every employee. This would also exclude anything IT related such as software, cables, server, etc. What do you think could be more company wide assets that need to be added?
0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.
Expert
Rhand Leal Oct 04, 2017

Answer: I saw that you covered assets most related to hardware and information media. Considering the ISO 27005 standard (information security risk management), annex B (identification and valuation of assets and impact evaluation), I think you should also consider the following for assets that will need some sort of control that will be relevant for every employee:
- Specific types of information (e.g., those with high cost to produce or replace, those related to business strategy and performance, people's privacy, etc.)
- People in specific positions (e.g., decision makers, key department managers, developers, products/processes specialists, etc.)

In the Inventory of Assets template that comes with your toolkit you have a list of assets you can consider (sheet "Checklist of assets").

If you still have any doubts, included in your toolkit you can schedule a meeting with one of our experts so he can provide you additional support. To schedule a meeting you can access this link: https://advisera.com/27001academy/consultation/

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Oct 04, 2017

Oct 04, 2017

Suggested Topics
Guest user Created:   May 17, 2021 ISO 27001 & 22301
Replies: 1
0 0

Inventory of assets & risk methodology
Guest user Created:   Jun 05, 2020 ISO 27001 & 22301
Replies: 3
0 0

Inventory of Assets template
Guest user Created:   Mar 22, 2020 ISO 27001 & 22301
Replies: 1
0 1

Inventory of assets