Expert Advice Community

Guest

Risk Assessment Table

  Quote
Guest
Guest user Created:   Feb 19, 2021 Last commented:   Feb 19, 2021

Risk Assessment Table

Hello, In 10.1 Appendix 1 the risk assessment table, do we need to enter each individual laptop/desktop computer with the various risks and vulnerabilities? Or is it acceptable to have an entry for laptops that goes through all the various risks and vulnerabilities that all laptops our company owns faces?

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Feb 19, 2021

You can create a single asset named "laptop" associated with all the common threats and vulnerabilities they face. In case you have risks specific to certain laptops, you can create additional assets, like "sales laptop" or "development laptop", and associate to them the specific threats and vulnerabilities.  
 
This article will provide you a further explanation about managing assets:  

By the way, included in the toolkit you bought, you have access to a video tutorial that can help you fill in the risk assessment table.

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Feb 19, 2021

Feb 19, 2021