richardk/iso27diy-corp
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

removed emoji from filenames, Obsidian changed all relevant links

Browse source
This commit is contained in:
Richard Kranendonk 2026-05-07 15:01:04 +02:00
parent d316285a74
commit 68f1c38681
638 changed files with 710 additions and 3176 deletions
Download patch file Download diff file Expand all files Collapse all files

13
Corpus/Sparks/Introduction for Organizational Structures.md Normal file
View file

@ -0,0 +1,13 @@
# Introduction for Organizational Structures
Identifying information security requirements, according to ISO 27000:2018 C.4.5.2:
Information security requirements can be identified through an understanding of the following:
a) identified information assets and their value;
b) business needs for information processing, storage and communication;
c) legal, regulatory, and contractual requirements.
Conducting a methodical assessment of the risks associated with the organizations information assets involves analysing threats to information assets, vulnerabilities to and the likelihood of a threat materializing to information assets, and the potential impact of any information security incident on information assets. The expenditure on relevant controls is expected to be proportionate to the perceived business impact of the risk materializing.