Guest
What to list in Risk assessment table
In the column Asset of my Risk Assessment Table shall I list also processes and activities which could have any risk, or just hardware, software, network, human resources?
Assign topic to the user
ISO 27001 RISK ASSESSMENT TABLE
Implement risk register using catalogues of vulnerabilities and threats.
Get it now 
ISO 27001 RISK ASSESSMENT TABLE
Implement risk register using catalogues of vulnerabilities and threats.
Get it now
ISO 27001 RISK ASSESSMENT TABLE
Implement risk register using catalogues of vulnerabilities and threats.
Get it now
Answer:
ISO 27001 allows you to list anything you want, however we suggest you list only assets since we recommend using the asset-based risk assessment.
Since our Risk assessment methodology templates requires listing only the assets, if you decide to list processes/activities also, you should then change the methodology document as well.
Comment as guest or Sign in
Jan 12, 2016
Jan 12, 2016
Jan 12, 2016