Re: Re: Information Risk - Vulnerability Assessment Checklist

[sfmailsbm () gmail com]

> > I don't have much directly on VA, more on audits and RA

Hi there, 
thanks for your reply and interesting refereneces; in fact I am refering to a VA in the context of doing a Risk 
Assessment, but not limited to IT Systems only, but to any information asset (i.e. including hardcopy)

e.g. improper handling of paper documents containing confidential information; any checlists that can help to guide 
identifying vulnerabilities

hope this clarifies the query

thanks again for your help