Risks related to ID cards
Assign topic to the user
Answer: The two main risks are
1 - The employee won't have access to areas or systems which require the ID card as part of the access control until he gets a replacement, becoming unable to perform his activities, which may cause delays on services, non-compliance with deadlines, or loss of business opportunities
2 - If he forgets the ID card in some place other people can find, someone can try to impersonate that employee and gain unauthorized access to areas and systems, and he also may perform activities in the name of the employee, what can cause embarrassment for him and the organization.
These articles will provide you further explanation about risk assessment:
- ISO 27001 risk assessment: How to match assets, threats and vulnerabilities https://advisera.com/27001academy/knowledgebase/iso-27001-risk-assessment-how-to-match-assets-threats-and-vulnerabilities/
- Catalogue of threats & vulnerabilities https://advisera.com/27001academy/knowledgebase/threats-vulnerabilities/
This material will also help you regarding risk assessment:
- Book ISO 27001 Risk Management in Plain English https://advisera.com/books/iso-27001-annex-controls-plain-english/
Comment as guest or Sign in
Mar 17, 2017