Expert Advice Community

Guest

Inventory of assets and risk assessment

  Quote
Guest
Guest user Created:   Jul 08, 2017 Last commented:   Jul 08, 2017

Inventory of assets and risk assessment

I am a bit confused about the order of some of the templates and am hoping you can clarify. I am using the templates in the order you suggest (i.e. starting with folder 00), and am just wondering why the Inventory of Assets comes after the Risk Assessment Table. Could you explain why you wouldn't want to list all assets before proceeding to risk assessment?
0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Jul 08, 2017

Answer: First of all, an inventory of assets is not mandatory according to ISO 27001:2013 (it is a suggested control from Annex A, which may be selected if there is an unacceptable risk that can be treated by its implementation).

Second, some risk assessment approaches are not based on assets for risk identification. Instead, they could be based on some method not related to assets (e.g., scenario based).

Third, for smaller companies that use the asset-based approach for risk assessment it is easier to list all the asset directly into the Risk assessment sheet; later on, they do not need to have a separate Inventory of assets.

This article will provide you further explanation about I nventory of assets and risk assessment:
- How to handle Asset register (Asset inventory) according to ISO 27001 https://advisera.com/27001academy/knowledgebase/how-to-handle-asset-register-asset-inventory-according-to-iso-27001/

These materials will also help you regarding Inventory of assets and risk assessment:
- Book ISO 27001 Risk Management in Plain English https://advisera.com/books/iso-27001-annex-controls-plain-english/
- ISO 27001 Annex A Controls in Plain English https://advisera.com/books/iso-27001-annex-controls-plain-english/
Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Jul 08, 2017

Jul 08, 2017

Suggested Topics