Not logged in - Login
< back

Information Security Work Flow

Click on the titles for each sectionsection, and it will take you to the relevant sectionsections of the User Guide. The workflow below is the recommended workflow for completing informationdata ininput into Abriska to provide the outputs for an ISO 27001:2022 compliant risk assessment.

Set up

  1. Divisions
  2. Contacts
  3. Documents
  4. Risk Appetite

Assets

  1. Identifying information assets
  2. Identifying supporting assets
  3. Asset relationships
  4. Asset CIA scoring

Threats

  1. Mapping to Assets
  2. Mapping to Controls
  3. Scoring

Controls

  1. Control Applicability
  2. Control Ownership
  3. Mapping to assets
  4. Control Maturity Assessment

Risk Assessment

  1. Risk Assessment set up
  2. Risk Assessment steps
  3. Specific vulnerabilities
  4. Vulnerabilities Risk Treatment

Risk Register

  1. Risk Register Breakdown
  2. Risk decisions

Risk Treatment Plan

  1. Creating Risk actions
  2. Understanding risk treatment decisions

Reporting

  1. Statement of applicability
  2. Risk Register
  3. Risk Treatment Plan



    Return to Abriska User Guides