Not logged in - Login
View History

Information Security Work Flow

Click on the titles for each section, and it will take you to the relevant sections of the User Guide. The workflow below is recommended for completing data input into Abriska to provide the outputs for an ISO 27001:2022 compliant risk assessment.

Set up

  1. Divisions
  2. Contacts
  3. Documents
  4. Risk Appetite

Assets

  1. Identifying information assets
  2. Identifying supporting assets
  3. Asset relationships
  4. Asset CIA scoring

Threats

  1. Mapping to Assets
  2. Mapping to Controls
  3. Scoring

Controls

  1. Control Applicability
  2. Control Ownership
  3. Mapping to assets
  4. Control Maturity Assessment

Risk Assessment

  1. Risk Assessment set up
  2. Risk Assessment steps
  3. Specific vulnerabilities
  4. Vulnerabilities Risk Treatment

Risk Register

  1. Risk Register Breakdown
  2. Risk decisions

Risk Treatment Plan

  1. Creating Risk actions
  2. Understanding risk treatment decisions

Reporting

  1. Statement of applicability
  2. Risk Register
  3. Risk Treatment Plan



    Return to Abriska User Guides