Scribd Logo
Upload

Welcome to Scribd!

  • 319 views

    It Risk Assessment Toolkit

    Uploaded by

    ssingh7610
    This document outlines an IT risk assessment toolkit covering 9 control areas related to IT security, contingency planning, systems security, access control, data protection, facilities security, personnel security, threat management, and asset management. Each control area contains specific subsections describing security controls that can be assessed for their current implementation and planned improvements.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as XLSX, PDF, TXT or read online from Scribd

    It Risk Assessment Toolkit

    Uploaded by

    ssingh7610
    319 views1 page
    This document outlines an IT risk assessment toolkit covering 9 control areas related to IT security, contingency planning, systems security, access control, data protection, facilities security, personnel security, threat management, and asset management. Each control area contains specific subsections describing security controls that can be assessed for their current implementation and planned improvements.

    Original Title

    27001 It Risk Assessment Toolkit

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Available Formats

    XLSX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    This document outlines an IT risk assessment toolkit covering 9 control areas related to IT security, contingency planning, systems security, access control, data protection, facilities security, personnel security, threat management, and asset management. Each control area contains specific subsections describing security controls that can be assessed for their current implementation and planned improvements.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as XLSX, PDF, TXT or read online from Scribd
    Download as xlsx, pdf, or txt
    319 views1 page

    It Risk Assessment Toolkit

    Uploaded by

    ssingh7610
    This document outlines an IT risk assessment toolkit covering 9 control areas related to IT security, contingency planning, systems security, access control, data protection, facilities security, personnel security, threat management, and asset management. Each control area contains specific subsections describing security controls that can be assessed for their current implementation and planned improvements.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as XLSX, PDF, TXT or read online from Scribd
    Download as xlsx, pdf, or txt
    of 1

    IT Risk Assessment Toolkit

    Control Area 1 Risk Management


    1.1 IT Security Roles & Responsibilities 1.2 Business Impact Analysis 1.3 IT System & Data Sensitivity Classification 1.4 IT System Inventory & Definition 1.5 Risk Assessment 1.6 IT Security Audits

    In-Place/ Planned

    Description of Controls

    2 IT Contingency Planning
    2.1 Continuity of Operations Planning 2.2 IT Disaster Recovery Planning 2.3 IT System & Data Backup & Restoration

    3 IT Systems Security
    3.1 IT System Hardening 3.2 IT Systems Interoperability Security 3.3 Malicious Code Protection 3.4 IT Systems Development Life Cycle Security

    4 Logical Access Control


    4.1 Account Management 4.2 Password Management 4.3 Remote Access

    5 Data Protection
    4.4 Data Storage Media Protection 4.5 Encryption

    6 Facilities Security
    6.1 Facilities Security

    7 Personnel Security
    7.1 Access Determination & Control 7.2 IT Security Awareness & Training 7.3 Acceptable Use

    8 Threat Management
    8.1 Threat Detection 8.2 Incident Handling 8.3 Security Monitoring & Logging

    9 IT Asset Management
    9.1 IT Asset Control 9.2 Software License Management 9.3 Configuration Management & Change Control

    You might also like