ISO 27001 & 22301 - Expert Advice Community


  • ISO 27001 in pandemic

    I wonder how (most) of ISO 27001 can be applied in a world where everyone is WFH. And that's before even thinking about the information security issues with all the SaaS everyone is suddenly dependent on (Zoom...).

  • Question about policy

    Thanks for your continuous insight into Management Systems.
    I have 2 questions on my mind.

    1. Is there any document showing how to link policies? That is which policies are dependent on which policies?

    2. How to show risks of inadequate leadership in a nice way

  • Risk treatment plan

    If we have identified a control in the SoA that is a legal requirement or a management decision to implement, can I document the associated tasks in the RTP or should I create a separate spreadsheet to handle these?

  • Toolkit content

    Which product has A.18. Compliance? I stopped by yesterday to ask about this. We have the toolkit but I don't think it includes this one. Is there a different one which may?

  • A.12.6.1 Management of Technical Vulnerabilities

    Hi, I'm a customer with a question - is there anything specific regarding patching in the toolkit that we purchased? I see that the ISO has a standard: A.12.6.1 Management of Technical Vulnerabilities, but not sure there's this document in the toolkit.

  • Difference in clauses

    When I read ISO 27001 I had one question I wanted to inquire about: what is the difference between clause (6.1.2) and clause (8.2), as well as clause (6.1.3) and clause (8.3)? Is it just a repetition of the information? Please explain. Thank you very much.

  • Question about policy

    1. Is there any document showing how to link policies? That is which policies are dependent on which policies?

    2. How to show risks of inadequate leadership in a nice way.

  • Disaster recovery plan difference

    1. Can you please advise what the difference is between the EN and the cloud documents (screenshot below)? The READ THIS FIRST does not explain. I checked the Table of Contents. Is it for different scenarios depending on if existing systems are cloud-based or on-premise? Apologies but I thought it would save time to ask.

    2. Also, I can open the files on my personal computer but when I copy them to my organization's network, they won’t open even when I rename them. They must be blocked by our own security filters.

  • Objective for certification the university

    5 clear objectives for certification the university would like to achieve according to ISO 22301: that is the question.

  • Annex A

    1. ISO 27001 Annex - I have a question regarding A 14 System acquisition, development, and maintenance. We are a software development company. Does this part apply to software we develop (as a business) or only for internal soft we could develop, I mean for internal use?

    2. ISO 27001 A 15 - May I apply this measure to the critical IT supplier only? Or should I apply it to all suppliers?

    3. In Annex A, can we justify that we do not choose a measure by saying "company capacity is too light" or things like that?