O'Reilly logo

ISO27001 in a Windows® Environment: The best practice handbook for a Microsoft® Windows® environment, Second Edition by Brian Honan

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 4. Identify Your Information Assets

In order to know what protections and controls you should implement, it is important that you first understand what it is you are trying to protect. The standard expects that all information assets within the scope of the implementation of ISO27001 have been properly identified and a value placed on them.

So our first step in identifying our information assets should be to define the scope of the ISMS and identify what it will cover.

Define the scope of the ISMS

The scope is one of the most important items in planning your implementation of ISO27001. How broadly you define the scope will impact the amount of work and time required to roll out your ISO27001-based ISMS.

The scope of the ISMS could simply be ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required