Guest user Created: Jan 12, 2016 Last commented: Jan 12, 2016

ISO 27001:2013 Asset Based Risk Assessment

I would like to get your advise on performing a RA based on ISO 27001:2013. Currently my organization has Asset based RA. Please let me know what is the mandatory requirement for ISO 27001: 2013 and kindly share if you have any sample or template.

0 0

Assign topic to the user

Select user

Guest

AntonioS Jan 12, 2016

If you have Asset based RA, I suppose that you have implemented the ISO 27001:2005 (old version). If so, you current methodology is accepted by the new version ISO 27001:2013, therefore you do not need to make changes. You can see the main changes of the ISO 27001:2013 at this article What has changed in risk assessment in ISO 27001:2013: https://advisera.com/27001academy/knowledgebase/what-has-changed-in-risk-assessment-in-iso-270012013/

Also, if you need to develop a new methodology accepted by ISO 27001:2013, I recommend you to read this article How to write ISO 27001 risk assessment methodology": https://advisera.com/27001academy/knowledgebase/write-iso-27001-risk-assessment-methodology/

Finally, you can use our ISO 27001/ISO 22301 Risk Assessment Toolkit. Remember t hat you can download a free version if you click on the Free Demo tab: https://advisera.com/27001academy/iso-27001-22301-risk-assessment-toolkit/

Quote

0 0

Comment as guest or Sign in

HTML tags are not allowed

Name *

Email *

I accept the Privacy and Terms

Notify me when someone replies

Jan 12, 2016

Expert Advice Community