Risk Assessment for Asset Owners

CHAPTER 4: ASSET OWNERS

According to ISO27001, every asset has an owner.⁷

The term ‘owner’ is not meant to convey legal ownership of the asset to the individual and is defined (4.2.1 - d1, footnote 2) as the ‘individual or entity that has approved management responsibility for controlling the production, development, maintenance, use and security of the assets’. This could therefore be a system administrator or a manager who is responsible for defining how an asset or group of similar assets is used.

The owner of the asset is the person – or part of the business – who is responsible for the appropriate classification and protection of the asset. In real terms, allocating ownership to a part of the organization can be ineffective, unless that ...

Get Risk Assessment for Asset Owners now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Risk Assessment for Asset Owners by

CHAPTER 4: ASSET OWNERS

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly