Expert Advice Community

Home / ISO 27001 & 22301 / Question about CIA and asset inventory

Guest

Question about CIA and asset inventory

ISO 27001 & 22301
  Quote
Guest
Guest user Created:   Jan 12, 2016 Last commented:   Jan 12, 2016

Question about CIA and asset inventory

ISO 27001 & 22301
I have a question about asset inventory... I stumbled with a doubt, The principles and scales of Confidentiality, Integrity and Availability are applied on the risk or on the assets?? or both?? How is applied the CIA principles in the new standard? to the risks or to the assets?
0 0

Assign topic to the user

ISO 27001 RISK TREATMENT PLAN

Determine responsibilities for the implementation of controls.

ISO 27001 RISK TREATMENT PLAN

Determine responsibilities for the implementation of controls.
Guest
DejanK Jan 12, 2016

You have to assess the impact of risks to confidentiality, integrity and availability of your information - this is part of the risk assessment process. As part of this process you can identify also the assets, but this is not mandatory.

You can find more detailed explanation in this webinar: The basics of risk assessment and treatment according to ISO 27001 https://advisera.com/27001academy/webinar/basics-risk-assessment-treatment-according-iso-27001-free-webinar-demand/

This article will also help you: What has changed in risk assessment in ISO 27001:2013 https://advisera.com/27001academy/knowledgebase/what-has-changed-in-risk-assessment-in-iso-270012013/

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Jan 12, 2016

Jan 12, 2016

Suggested Topics
Guest user Created:   Sep 16, 2022 ISO 27001 & 22301
Replies: 1
0 0

Asset inventory
Guest user Created:   Jun 21, 2022 ISO 27001 & 22301
Replies: 1
0 0

Asset management
Guest user Created:   Nov 18, 2021 ISO 27001 & 22301
Replies: 1
0 0

Some wondering on the use of the risk management registry