When to use this
Practical use
Use this as a working artifact. Fill it with real owners, dates, decisions, evidence locations, and review status.
Use this to record threat information that has been reviewed, contextualized, and converted into intelligence for risk, control, incident response, vulnerability, or management decisions.
Register
| Date | Source | Threat summary | Affected assets/processes | Relevance | Confidence | Decision or action | Owner | Due date | Status | Related risk/control |
|---|---|---|---|---|---|---|---|---|---|---|
| TBD | TBD | TBD | TBD | Low / Medium / High | Low / Medium / High | TBD | TBD | TBD | TBD | TBD |
Analysis checklist
- Source reliability considered.
- Threat relevance assessed against organizational context.
- Affected assets, suppliers, processes, or technologies identified.
- Confidence level assigned.
- Required action or decision recorded.
- Risk register updated where needed.
- Controls or monitoring updated where needed.
- Management briefed where business impact is material.
- Sensitive information was not exposed during research.
Related notes
- Template
- Iso27001
- A5 7
- Threat intelligence
Note Metadata
Aliases: Threat Intelligence Log
Source: 90 Templates/Threat Intelligence Register.md
Graph-sourced resources
Templates and evidence
Auditor evidence packs
Evidence collections and audit-facing verification material.
Related Notes
- Management Review
- Risk Assessment
- ISO 27001 A.5.7 - Threat Intelligence
- A.5.7 Audit Evidence Pack
- A.5 Organizational Controls Implementation Guide
- ISO 27002 Annex A Control Interpretation Map
- Asset Threat Vulnerability Risk Control Evidence Data Model
- A.5.7 Audit Checklist
- Template - Risk and Control Mapping Table
- Templates MOC