InfoSecMinds

For like-minded people

Posts Tagged Information Security Risk Assessment

Service Asset – A Requirement or Duplication

Jul 5

Posted by Vinod Puthuseeri in ISMS, ISO 27001:2005, Information Security Risk Assessment, Risk Assessment | 2 Comments

It just came up recently while discussing with one of my friend, the need for capturing service assets as a part of asset inventory which will be used further for risk assessment exercise.

In a normal scenario, everyone uses a template that captures assests under different cateogories, viz

  • Information Asset – deals with electronic and paper based data
  • Hardware Asset – includes all your hardware, cupboards, safe, etc
  • Software Asset – includes all software’s used or implemented in the organization.
  • Service Asset – services that a department avails from the organization
  • People Asset – talks about people / employees

 Now the discussion went like this:

Read the rest of this entry »

Tags: , ,

ISMS Implementation Guide

Apr 4

Posted by Vinod Puthuseeri in ISO 27001:2005 | No Comments

ISMS Implementation Guide is one of my first white papers which was written out of my personal experience in implementing Information Security practices in an organization using the BS ISO/IEC 17799:2005 framework. This paper is intended to give an insight and help, those who are implementing this for the first time and for those who will be coordinating with external consultants for ISMS implementations in their organizations.

Please download the document here:
ISMS Implementation Guide

Tags: , , ,