Q: If we use an Archer ISMS FS, why should we use the App-Pack?
A: Slide five of the NTT presentation attached to this page summarizes the differences between the out-of-the-box use case and the NTT app-pack.
Q: I think that the risk assessment comes first before the control assessment. What is your opinion?
A: I agree when it comes to defining controls. The NTT app-pack uses the results of the controls assessment to calculate the risks, so it needs the controls assessment first.
Q: We already use an Archer ISMS FS. Can we use the app packs for the assessment purpose with the Archer ISMS FS?
A: The NTT app-pack uses ODAs, so from a technical point of view you can use both. Depending on how you use the FS, Cross-References might make sense.
Q: Does this accommodate ISO27701 (PIMS) in addition to ISO27001 (ISMS)?
A: The app-pack provides an approach and workflow. This is independent from the content that is used. In one of NTT's projects they support an OT-SMS and all the controls are related to OT-Security. Using this within a PIMS makes sense if the processes and approaches match.
Q: Is the IOT Assessment a questionnaire or an application?
A: The assessment are fields in the application. We are working on a more thorough assessment and will have another app-pack for that. This is a simple assessment for those not wanting anything too complex.
Q: Does the IOT app use Advanced Work-Flow?
A: Yes, the app-pack does use advanced workflow.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.