That spreadsheet is very complicated. Do you have to answer all the questions on that? Some of the things are very subjective, like "VERY LIKELY " and "MEDIUM" and "LOW" etc. /quote]
It is very subjective. But there are a lot of aspects that are pretty concrete like listing the assets and possible methods of access.?
It seems complicated but it just takes a long time to fill out. There are some subjective portions that require to assess the possibility of certain events. (e.g. a break in). Whether or not things like disk encryption are necessary. Disk encryption just protects physical theft for example.
You can just recycle it for the following years. Usually you want to reduce the number of risks each year.
And what practical solution do you propose for setting permissions?
You can grant users access individually using Shared Folders feature in the SBS console, but a better way would be to use the Security Groups feature of the console.
You can make a group called AC Users and grant them full permissions to the folder.
.png "ACUF Donor I")
