Guest
Treating server as a single asset or viewing it separately for hardware and soft
If you identified an asset for example, an application on a server... Do you have to separate two assets or to treat as an single asset?
Assign topic to the user
Like this:
Asset 1: Application
Asset 2: server on which the application runs
or
Asset: Application / server
Answer:
ISO 27001 allows you to do it both ways. First approach you mentioned is better if you want to get more precise results during the risk assessment, whereas the second approach is probably better for smaller companies where you want to finish your risk assessment quickly.
Comment as guest or Sign in
Jan 12, 2016
Jan 12, 2016
Jan 12, 2016