Guest user Created: Aug 05, 2016 Last commented: Aug 05, 2016

Perform the asset register easily

I have a question concerning the Risk assessment: I have already the Asset List and want to match the threats and Vulnerabilities. Like I am using the Lists that you have, but its not easy to do that job. For example for the Asset "Laptop" i have 6 different combinations. My question how can i make my work easier and more effective? Does the ISO27001 requires this level of details? Any Tipps?

0 0

Assign topic to the user

Select user

Guest

Antonio Jose Segovia Aug 05, 2016

Answer:
It is the most easy way, I mean, matching threats and vulnerabilities for each asset although if you want to reduce the work, the best recommendation is to reduce the number of assets, for example grouping similar assets with the same threats/vulnerabilities. For example: laptops (for all laptops), workstations (for all workstations), printers (for all printers), etc.

Anyway, it is not mandatory to have an asset based risk management, although is very recommendable to work with the asset based risk management, because is more easy that other methods.

This article can be interesting for you “ISO 27001 risk assessment: How to match assets, threats and vulnerabilities” : https://advisera.com/27001academy/knowledgebase/iso-27001-risk-assessment-how-to-match-assets-threats-and-vulnerabilities/

And also our online course, because we give more information about the risk assessment “ISO 27001:2013 Foundations Course” : https://advisera.com/training/iso-27001-foundations-course/

Quote

0 0

Comment as guest or Sign in

HTML tags are not allowed

Name *

Email *

I accept the Privacy and Terms

Notify me when someone replies

Aug 04, 2016

Expert Advice Community