ISO 27001:2013 Asset Based Risk Assessment
Assign topic to the user
If you have Asset based RA, I suppose that you have implemented the ISO 27001:2005 (old version). If so, you current methodology is accepted by the new version ISO 27001:2013, therefore you do not need to make changes. You can see the main changes of the ISO 27001:2013 at this article What has changed in risk assessment in ISO 27001:2013: https://advisera.com/27001academy/knowledgebase/what-has-changed-in-risk-assessment-in-iso-270012013/
Also, if you need to develop a new methodology accepted by ISO 27001:2013, I recommend you to read this article How to write ISO 27001 risk assessment methodology": https://advisera.com/27001academy/knowledgebase/write-iso-27001-risk-assessment-methodology/
Finally, you can use our ISO 27001/ISO 22301 Risk Assessment Toolkit. Remember t hat you can download a free version if you click on the Free Demo tab: https://advisera.com/27001academy/iso-27001-22301-risk-assessment-toolkit/
Comment as guest or Sign in
Jan 12, 2016