Free ebook: NIS2 ready using ISO 27001 best practices
Download ebook
Topics
ISO 27001
NIS2
Getting started
Framework management
Product security
Settings & advanced
Trial and subscription
User management
Community
Documentation
Personnel guidelines
Reporting
Task management
GDPR
Internal auditing
Personnel security
Risk management
Working as a partner
Continuous improvement
Team collaboration
Show all topics
Webinars
Introduktion till NIS2-direktivet, lokal NIS2-lagstiftning och Cyberdays ISMS
ISO 27001: Bygg en cybersäkerhetsplan som gör att du uppfyller kraven
Intro to NIS2 directive, local NIS2 laws and Cyberday ISMS
ISO 27001: Entwickle einen Cybersecurity-Plan, der deine Compliance sichert
Show all webinars
Videos
Asset documentation
Continuously improving your ISMS
Cyberday overall intro
ISO 27001 and certification audit fundamentals
ISO 27001 and personnel awareness
ISO 27001 and risk management
ISO 27001 introduction
Mastering NIS2 Compliance with Cyberday
NIS2 introduction
Show all videos
Helps
Admins
Documentation
Frameworks
Guideline mgmt
Other features
Partners
Reporting
Setup and integrations
Task mgmt
User management
Show all helps
Blogs
SOC 2: Working towards compliance
DORA essentials: Introduction, Scope and key requirements
Cyberday goes Cyber Security Nordic 2024!
Cyber Security in Supply Chain Risk Management
From Compliance to Collaboration: How NIS2 Encourages Stronger Supply Chain Security Collaboration
Show all blogs
Content library
Kiitos! Saat jatkossa uutiskirjeen sähköpostiisi joka perjantai.
Valitettavasti jotain meni pieleen. Voit olla yhteydessä tiimi@tietosuojamalli.fi.
Kiitos! Saat jatkossa uutiskirjeen sähköpostiisi joka perjantai.
Unfortunately something went wrong. You can contact us at team@cyberday.ai.
Cyberday.ai
Get started
Login
Academy home
Helps
Asset-based risk identification

Asset-based risk identification

For organizations that want to delegate risk assessment work to asset owners, we have developed a feature: asset-based risk identification. Asset-based risk identification enables more detailed risk identification and focus on key assets.

How to turn on the asset-based risk identification

Organization dashboard -> Settings

You can enable the asset-based risk identification from account settings. When this is enabled, all assets matching with the selections will show a separate risk identification section on their cards.

Risk management: Asset-based risk identification can be enabled from settings.

From settings, you will also choose documentation where risk identification is active and the priority level, which sets a level when the identification needs to be done.

If you enable asset-based risk identification  feature from settings, the selected asset's documentation cards will show a pending risk identification workflow.

How the asset-based risk identification is done

With the help of this workflow, asset owners identify detailed and relevant risks for this asset. Then they can continue normally forward with the risk workflow - straight from the asset's documentation card.

When document card has priority set to the accepted level, risk identification workflow will pop up to the documentation card.

Example how risk identification is shown in document card.

When you press "start risk identification" a list of suggested threats with summaries is shown. Now, it's time to choose which of these risks are relevant in this case. You can also create custom risk, if something relevant is missing.

Relevant threats are shown with descriptions.

Only after you've gone through all the suggested risks, picked the relevant ones and clicked "not relevant" on the rest, you can click "Create selected risks" and move forward.

Chosen risks can be worked on the document card.

Now that relevant asset-based risks are identified, you can delegate risks to relevant owners and work on the risks on the risk card from asset's documentation card.

For admins: edit template

As an admin, you can customise the asset-based risk identification template to better suit your organisation's needs. The editing is done from the asset card, using the Edit template button. The customisation is theme-specific.

You can select the threats from the example library that are relevant to your organisation, as well as tailor your own personalised threats that your organisation should consider during the risk identification phase. Once the threat list has been tailored to fit your needs, finish customizing. In the future, asset-specific risk identification will be done with customised threats.

Questions and feedback

Do you have any further questions, would need another help article or would like to give some feedback? Please contact our team via team@cyberday.ai or the chat box in the right lower corner.

Content

Share article

Other similar content from Academy

Help articles

No related help articles for topic.

Subscribe to Academy today

Elevate Your Knowledge with Exclusive Access to Weekly Webinars, Video Courses, Help Articles, and Blogs.

Kiitos! Saat jatkossa uutiskirjeen sähköpostiisi joka perjantai.
Valitettavasti jotain meni pieleen. Voit olla yhteydessä tiimi@tietosuojamalli.fi.
Topics
Framework management
Personnel guidelines
Personnel security
Continuous improvement
Product security
Show all
Webinars
Introduktion till NIS2-direktivet, lokal NIS2-lagstiftning och Cyberdays ISMS
ISO 27001: Bygg en cybersäkerhetsplan som gör att du uppfyller kraven
Intro to NIS2 directive, local NIS2 laws and Cyberday ISMS
ISO 27001: Entwickle einen Cybersecurity-Plan, der deine Compliance sichert
Show all
Videos
Mastering NIS2 Compliance with Cyberday
ISO 27001 introduction
NIS2 introduction
ISO 27001 and certification audit fundamentals
Asset documentation
Show all
Helps
Documentation
Partners
Other features
Reporting
Guideline mgmt
Show all
Blogs
DORA essentials: Introduction, Scope and key requirements
Cyberday goes Cyber Security Nordic 2024!
From Compliance to Collaboration: How NIS2 Encourages Stronger Supply Chain Security Collaboration
Agendium Ltd is now Cyberday Inc.!
10 compliance traps & how to avoid them
Show all
Content library
Open content libraryLabs
Kiitos! Saat jatkossa uutiskirjeen sähköpostiisi joka perjantai.
Valitettavasti jotain meni pieleen. Voit olla yhteydessä tiimi@tietosuojamalli.fi.