~/Cedric

Flaws in the management of access privileges to messaging gateways Vulnerabilities

No audit or supervision of accesses Vulnerabilities

The need-to-know principle is not respected Vulnerabilities

Are all authorisations granted in compliance with this principle?

Loss or poor management of original documents (support contracts, licences, etc.) Vulnerabilities

7f9edabc-4f02-11e9-b3ea-0800277f0571 Risks

Asset: Transportable equipment. Threat: Abuse of rights. Vulnerability: The equipment can be used for purposes other than those intended (development of software for use outside the organisation, etc.)

7f9edf1f-4f02-11e9-b3ea-0800277f0571 Risks

Asset: Transportable equipment. Threat: Fire. Vulnerability: Equipment using flammable materials (e.g. bulk printers producing dust)

7f9edb6d-4f02-11e9-b3ea-0800277f0571 Risks

Asset: Transportable equipment. Threat: Breach of information system maintainability. Vulnerability: Obsolete hardware

7f9edb91-4f02-11e9-b3ea-0800277f0571 Risks

Asset: Transportable equipment. Threat: Breach of information system maintainability. Vulnerability: Non-upgradable hardware

7f9ee1bc-4f02-11e9-b3ea-0800277f0571 Risks

Asset: Transportable equipment. Threat: Fraudulent copying or use of counterfeit software. Vulnerability: No management of profile privileges (administrators, users, guest, etc.)

7f9ee017-4f02-11e9-b3ea-0800277f0571 Risks

Asset: Transportable equipment. Threat: Saturation of the information system. Vulnerability: Incorrect sizing of resources (e.g. insufficient reserve time on a laptop battery).