~/Cedric

7f9fc507-4f02-11e9-b3ea-0800277f0571 Risks

Asset: Desktop computer. Threat: Forging of rights. Vulnerability: Authorisation management is flawed

7f9fc3d7-4f02-11e9-b3ea-0800277f0571 Risks

Asset: IT Room or Datacenter. Threat: Failure of air-conditioning. Vulnerability: No revision of air-conditioning needs when premises are modified or equipment is added.

7f9fc464-4f02-11e9-b3ea-0800277f0571 Risks

Asset: Software development. Threat: Malware infection. Vulnerability: No code review or intrusion tests

7f9fc4d8-4f02-11e9-b3ea-0800277f0571 Risks

Asset: Multifuntion Printer. Threat: Abuse of rights. Vulnerability: The supplier does not manage remote maintenance properly

Medium and supports whose characteristics allow eavesdropping (e.g. Ethernet, wireless communication systems) Vulnerabilities

What type of medium? Encrypted format? Encrypted content?

7f9fc565-4f02-11e9-b3ea-0800277f0571 Risks

Asset: Desktop computer. Threat: Malware infection. Vulnerability: Update management (patches) is flawed

No contractual clauses guaranteeing cover of the activities if a crisis is declared at the supplier's site Vulnerabilities

No contractual clause covering the quality of service of systems placed under limit conditions (intense demand on the system, input of non-compliant data, input of data corresponding to operating limits) Vulnerabilities

OpenPGP key server - WIP GDPR records of processing activities

OpenPGP key server (Work In Progress)

No maintenance procedure Vulnerabilities

Is there a maintenance procedure? Are the staff members internal or external? Are they supervised while working? Are there contracts? Is there an NDA?