Information Security Work Flow
Set up
- Divisions
- Contacts
- Documents
- Risk Appetite
Assets
- Identifying information assets
- Identifying supporting assets
- Asset relationships
- Asset CIA scoring
Threats
- Mapping to Assets
- Mapping to Controls
- Scoring
Controls
- Control Applicability
- Control Ownership
- Mapping to assets
- Control Maturity Assessment
Risk Assessment
- Risk Assessment set up
- Risk Assessment steps
- Specific vulnerabilities
- Vulnerabilities Risk Treatment
Risk Register
- Risk Register Breakdown
- Risk decisions
Risk Treatment Plan
- Creating Risk actions
- Understanding risk treatment decisions
Reporting
- Statement of applicability
- Risk Register
- Risk Treatment Plan