Expert Advice Community

Home / ISO 27001 & 22301 / Vulnerability identification

Guest

Vulnerability identification

ISO 27001 & 22301
  Quote
Guest
Guest user Created:   Dec 16, 2017 Last commented:   Dec 16, 2017

Vulnerability identification

ISO 27001 & 22301
Is a complicated configuration procedure (a lot of manual work) a vulnerability for an information system's information security? This vulnerability may lead to errors, customers dissatisfaction and thus loss of customers. Am I wrong?
0 0

Assign topic to the user

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.
Expert
Rhand Leal Dec 16, 2017

Answer: You understanding is correct. Complicated procedures are prone to errors and the impacts you mentioned, and depending upon the results of your analysis and evaluation the application of security controls may be required.

This article will provide you further explanation about risk analysis:
- ISO 27001 risk assessment: How to match assets, threats and vulnerabilities https://advisera.com/27001academy/knowledgebase/iso-27001-risk-assessment-how-to-match-assets-threats-and-vulnerabilities/

This material will also help you regarding risk analysis:
- Book ISO 27001 Risk Management in Plain English https://advisera.com/books/iso-27001-annex-controls-plain-english/

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Dec 16, 2017

Dec 16, 2017

Suggested Topics
Guest user Created:   Jan 04, 2022 ISO 27001 & 22301
Replies: 1
0 0

ISO 27005:2018
Guest user Created:   Jan 12, 2016 ISO 27001 & 22301
Replies: 1
0 0

Risk assessment based on processes
Guest user Created:   Apr 05, 2023 ISO 27001 & 22301
Replies: 1
0 0

Questions about vulnerability analysis