No video :(

2020 -Assets Based Risk Assessment under ISO 27001:2013

Подписаться 848

Просмотров 22 тыс.

50% 1

If you are exploring the videos for risk assessment subject in ISMS, you have reached here correctly. You will learn in details how to assess the risks for ISMS ISO/IEC 27001:2013.
Risk Management is a crucial part of the big subject of implementation of the standard, ISO 27001:2013.
I am Sanjay Gore Pune India
My email id is sanjaygore99@gmail.com
Phone 919881099604
My LinkedIn Profile / sanjaygore

Опубликовано:

26 авг 2024

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист

Посмотреть позже

Комментарии : 88

@RS-ws5lh 7 месяцев назад

Thank you sanjay, your video is more understandable, when ever I used to get doubt I will watch your videos.

@SanjayGore 7 месяцев назад

Thanks you very much. I am happy that my little efforts are helpful for you to understand.

@phathiswabam2630 Год назад

Thank you very much for knowledge sharing. This is talking about perfect timing for me.

@SanjayGore Год назад

Thanks I am happy my efforts are useful for your help, may be a very samll. Thank again for communicating it to me.

@9959636785 3 года назад

I saw many videos sir, but u explained it very clearly.... Thank you so much

@SanjayGore 3 года назад

Thanks. You are welcome.

@anilkarmarkar5664 4 года назад

Really good one, and useful even basics will get clear , particularly for professionals who are running mfg companies and infrastructure companies .

@SanjayGore 4 года назад

Thanks for those good words.

@musfarkoodakkara3603 Год назад

Thank you so much for these wonderful sessions, sir. Kindly do post more on GRC based sessions. Keep posting some real time practical kind of stuffs if possible. Eagerly waiting for upcoming videos.

@SanjayGore Год назад

Thank you so much for those kibd words. Sure, I will post as suggested by you. Keep engaging. Thanks again.

@arsalananwar8265 Год назад

11 new controls introduced in the ISO 27001 2022 revision: A.5.7 Threat intelligence A.5.23 Information security for use of cloud services A.5.30 ICT readiness for business continuity A.7.4 Physical security monitoring A.8.9 Configuration management A.8.10 Information deletion A.8.11 Data masking A.8.12 Data leakage prevention A.8.16 Monitoring activities A.8.23 Web filtering A.8.28 Secure coding

@SanjayGore Год назад

What you say is a revision in ISO 27002:2013 replaced with 27002:22. Secondly, it is not an addition but a replacement. And the revised ISO 27001:2022 is yet to come.

@arsalananwar8265 Год назад

@@SanjayGore What's the latest version of ISO 27001? ISO 27002 A comprehensive update of ISO 27001 is expected to be released in October 2022. Once updated, the latest version of ISO 27001 will align with changes made to ISO 27002 and published in February 2022.

@hashamkhan8477 Год назад

Thank you so much Sir. I really learned a lot about RA on Assets today. I have subscribed your channel and planning to spend lots of time and watch all your videos on BC stuff. Love from Canada

@SanjayGore Год назад

Thank you very much for those good words. Also thanks for subscribing.

@Awesomeite4life 3 года назад

This was very insightful. Really appreciate the efforts taken to explain this concept.

@SanjayGore 2 года назад

Glad it was helpful!

@preritshah9915 4 года назад

Content covered is quite useful for both beginners and experts in the Industry, great delivery. The background music is a little disturbing.

@SanjayGore 4 года назад

Thank you, Prerit

@ravindranadig9045 4 года назад

Simple and effective presentation of the concept. Thank you for sharing.

@SanjayGore 4 года назад

You are welcome

@solomona8695 Год назад

Thanks for sharing. The content was really good and well-presented.

@SanjayGore Год назад

Thanks Solomon for these kind words.

@spmanoj123 Год назад

Great thanks for this wonderful practical session of RA.

@SanjayGore Год назад

Thank you for those good words.

@NagarjunKoujula 7 месяцев назад

Very Informative and Valuable Sir Thank you for sharing Valuable Knowledge 🙏

@SanjayGore 7 месяцев назад

Thank you very much. I am happy that my little effort helped you understand certain concepts.

@dessert91 2 года назад

good content sir. I have watched it several times.

@SanjayGore 2 года назад

Thank you very much

@YESCHEMISTRY 2 года назад

Nicely explained.. thank you sir

@SanjayGore 2 года назад

Thanks for those good words. It inspires me to do more.

@khushhallonkar 4 года назад

You have made it look very simple. Thank you.

@SanjayGore 4 года назад

Thank you Sir

@anitapanchal9152 Год назад

Thanks you soo much sir for sharing knowledge

@SanjayGore Год назад

Thanks. You are welcome. Please subscribe and share the video.

@danishdurrani 4 года назад

Good intro and very useful

@SanjayGore 4 года назад

Thank you, Danish. Some of the concepts presented are learned through you; while I was in Saudi.

@ShivajiMirashe 3 года назад

Very nice and learning this session. Thanks you Sir.

@SanjayGore 3 года назад

Thank you very much Sir for those kind words. It is my pleasure.

@HaseebKhan-cx1sh 2 года назад

Excellent work, Sir; I appreciate your efforts

@SanjayGore 2 года назад

👍 Thanks

@farhancpa 2 года назад

sir, you should example like what are corrective controls, detective controls etc. just reading from the slides don't help much

@abhijeetupadeo2052 4 года назад

Highly appreciate the simplification

@SanjayGore 4 года назад

Thanks

@KhurramShahzad-qb5sk 9 месяцев назад

risk level didvided in 4 equal parts, if impact is medium and likelihood is medium then with this table final risk come in low number. same if high impact and high likelihood then risk result come in medium block. how you can explain this

@marcellosarica9640 2 года назад

Sorry, I'm Italian but I don't understand much of what you say. You have a strong Indian accent. You should post subtitles.

@manohargudekar3639 4 года назад

Very well done 👍

@SanjayGore 4 года назад

Thanks, Manohar.

@suryakantbhadale9556 4 года назад

Critical concepts made simpler

@SanjayGore 4 года назад

Thanks, Suryakant. Many of these are learned with you when we were preparing for CISA long back in 2004

@funkyputul 2 года назад

Simple and to the Point, very well explained.

@SanjayGore 2 года назад

Thank you these good words.

@inspiretobepositive 2 года назад

Great work sir

@SanjayGore 2 года назад

Thanks, Jayesh.

@abodhkant9493 2 года назад

Nicely explained sir. Thankyou so much for such a clear and nice contents. Sir could you please also make a video on CIA rating criteria, I mean how to decide 1~4 rating for Credibility, Integrity and availability?

@SanjayGore 2 года назад

Yes. Thanks for suggestion.I will do it. It confidentiality and not credibility.

@abodhkant9493 2 года назад

@@SanjayGore Thankyou Sir..!!

@shahrukhdaud7989 11 месяцев назад

👍👍👍

@Kris9341 2 года назад

Hello Sanjay, thanks for this great resource. Please I have a question. My question is; in the table below, I have various threat values for assetname "Laptop" and again had various threat values for assetname "Database server". In this situation, which of the threat values should I take as the actual threat value for a specific (single) asset? Assetname Threats Frequency Impact Value Threat Threat Value Laptop Virus & malware 4 4 16 4 Data & information theft 4 4 16 4 vandalism 3 3 9 3 unauthorized access 1 2 2 1 Ransomware 2 2 4 1 Date deletion 1 3 3 1 Database server Sql injection 3 4 12 3 Virus & malware 4 4 16 4 Data & information theft 4 4 16 4 vandalism 3 3 9 3 unauthorized access 1 2 2 1 Ransomware 2 2 4 1 Date deletion 1 3 3 1

@sanatkolhatkar.2646 4 года назад

Interesting Video..!!

@SanjayGore 4 года назад

Thanks Sanat.

@madhavvaidya1208 3 года назад

Good to listen new. Topic voice quality requires improvement also विडिओ wiil be more effective if points are written on blackboard and explain slowly by taking a sample case say of any startup hypothetically

@furiousruffian6041 3 года назад

Sir, request if you could also make a video based on Context. Normally, it is called as Context Based Risk Assessment. Thanks

@SanjayGore 3 года назад

Sure. Your suggestion is well taken. Thanks for that.

@furiousruffian6041 3 года назад

@@SanjayGore looking forward to a fantastic video

@NavaneethE 2 года назад

who will decide asset value is it data owner / asset owner or auditor/implementer ?

@SanjayGore 2 года назад

Thanks for the query. The assets value is decided by the risk owner and assets owner. In the risk assessment, the asset-owner is the occupier of the assets (information). As we have seen that the organization should define the risk owner while developing the assets register. So the asset- value is decided by the asset owner. Thanks for your query.

@NavaneethE 2 года назад

@@SanjayGore Thanks

@jeangrace6749 11 месяцев назад

How to compute vulnerability?

@SanjayGore 11 месяцев назад

Thanks for your query. The vulnerability is other side of effectiveness of control. More the effectiveness of control lesser the vulnerability and vice versa.

@kamalabdulawel6457 4 месяца назад

Hi everybody, i dont get the result of probability × impact value can become 4.

@SanjayGore 4 месяца назад

Can u further through some light, for me to explain more?

@kamalabdulawel6457 4 месяца назад

Hello Sanjay, thanks for the quick reply and your great Präsentation. I dont understand how the threat value is calculated. In your präsentation it says threat value is probabilty * impact value. This Value is larger than 1 -4 how do you get your Threat Value exactly. Is ist just estamation.

@arisocariza5334 2 года назад

is it okay to use -> Asset + Threat + Vulnerability = Risk

@SanjayGore 2 года назад

Yes. The organization can use eighter + or x as per convenience. But popular is X

@usmanshahzad3158 11 месяцев назад

Where is the impact section goes ?

@SanjayGore 11 месяцев назад

Thanks for your response. Likelihood multiplied by Impact becomes Threat Value. Impact is the assessment of severity of the threat. Hope this suffices your query. Thanks again for asking the question.

@usmanshahzad3158 11 месяцев назад

@@SanjayGore it's clear so we calculate the risk score as threat*vul* asset value, please correct me if I am wrong

@SanjayGore 11 месяцев назад

@@usmanshahzad3158 Your statement is correct, Sir.

@darasridhar 4 года назад

Background noise is very disturbing...

@SanjayGore 4 года назад

Thanks,. Will take care in next video.

@SanjayGore 4 года назад

Thanks, Sridhar for your suggestion. I tried to edit the file online to remove the music altogether, but it affected the file itself. I am not a professional video editor, hence could not exactly cut the noise. My trial and error effected in very disturbing scenarios, and since it is in the beginning it may affect the moment of truth. So, ultimately I had to revert back to the original. Your suggestions are valid and big thanks for that. In my next uploading, I will take care of that. Your suggestion gave an opportunity to learn how to edit the already uploaded video to youtube.