7

Risk Management, Controls, and Policies

Aside from preparing all the necessary documentation and confirming support from management, one of the most important things to sort out is a list of all the entity’s assets. In this chapter, we cover risk management, data classification, and the controls defined within ISO 27001.

An asset is a resource having economic worth that a person, business, or nation owns or manages with the idea that it will produce future benefits. The balance sheet of a firm lists its assets. They are acquired or established to raise the value of a company or to boost its operations. In our context, an asset is defined as any goods or services, tangible or intangible, that are considered part of an entity. ...
