Risk Assessment using the BITS Calculator
Our group has decided to use the bits Calculator which is attached for our risk assessment. I have several questions to the audiance...
We have already gathered our Hardware and software assets.
1. Can we perform the BITS to Hardware and Software assets at the same time (Same Tab on the workbook)
or do we perform to each.. Hardware then Software and place the N/A (Not Applicable) to the ones that are not relevant.
2. Has anyone grouped their paper assets into one. Meaning how did you break up the groups of paper. by classification level?. (i.e Public trust, confidential, general. I am confused on how to define our paper assets as well as documents that are stored on the servers...
Many thanks to all who respond...
FYI to anyone who needs a copy of this elaborate spreadsheet.