ISO 27001 & 22301 - Expert Advice Community




  • COBIT, ITIL and ISO27001 comparison

    Hello! Is there any comparison between the COBIT, ITIL and ISO27001?

  • ISO 22301 Base policy

    So there is no policy directed for ISO 22301 base policy. Just IT security policy. The ISO 27001 base policy will not work for ISO 23301. All these docs are distributed from the ISO 27001 academy. Where are the 23301 policy base documents? Am I missing a vote on ShareFile? I can’t see them.

  • BCM Manager tasks

    I am interested in the implementation of ISO 22301 in an organization. What is it that I need to do as a BCM Manager in order to make this journey? Including ISO 22301 courses that I may need to attend to obtain a better understanding.

  • Implementation timeframe

    We are considering buying the “27001 toolkit bundle”.
    What is a realistic timeframe to complete to be ready for audits?

  • Risk Assessment

    How do I combine below as one single tool: Risk Assessment Table, Risk Treatment Table, and Risk Treatment Plan?

  • ISO 27001 and LGPD

    What does ISO 27001 not cover in the LGPD?

  • Appendix 3 – Internal Audit Checklist for ISO 27001

    I’ve just bought your Internal Audit Checklist for ISO 27001. The zip file contains 3 similar documents:

    • Integrated: Appendix 3 – Internal Audit Checklist for ISO 27001
    • Premium: Appendix 3 – Internal Audit Checklist for ISO 27001 and ISO 22301
    • Cloud: Internal audit checklist for compliance with ISO 27001 (main clauses and Annex A), ISO 27017 (main clauses), and ISO 27018 (main clauses)

    I’m implementing ISO 27001, so I’m assuming the ‘Integrated’ version is the one I need to use when auditing that the SoA controls implemented are effective? If you could just clarify what each one can be used for, especially the cloud version, this would be great.

  • Difference between legal and other requirements

    My question is what is the difference between legal and other requirements?

  • Security assurance and Security assessment

    1. Do you respond to Security assurance questions?
    2. Can you provide an exec summary of Security assessment and remedial action?

  • Applicability of A 14.2.2 Change Management for staff augmentation companies

    Can we exclude A 14.2.2 if a company is a bodyshop for another company and the vendor only performs code changes, updations and customizations based on the client's change management policy?
