Guest
I have now opened the zip folder ISO 27001 & ISO 22301 and found two folders for ISO 27001:2019. Ask for explanation.
When I opened the first folder, I found documents that probably allow both standards to be processed in an integrated manner, is that correct?
I actually wanted to start one project after the other, and not both at the same time. I wanted to start with ISO 22301 separately, how is this possible please?
I have questions about risk management, I was wondering if you could help me with these.
Does ISO 27001 require a risk treatment plan as one single plan, or is it applicable to make risk treatment plans per risk and approvals per risk? And if it is applicable, what elements per treated risk must be present (responsibility, timetable, etc.)? The question arises because of a risk software which allows making a risk assessment and treatment and planning treatment on a per-risk basis; there is no means to collect all risks in one single plan (which has treatment descriptions).
Does ISO 27001 require a documented comparison procedure of the controls (determined in 6.1.3 b) with those in Annex A? The question arises because the aforementioned software has no means to make a control comparison in a composed way, e.g. a control table to use for comparison (like the Advisera Risk Treatment table template has).
We recently purchased the Advisera ISO27001 Toolkit. We are working through the documentation and have a query we would appreciate your advice on. We believe we need to document the following couple of controls and policies:
Human Resources Security Policy
Data Leakage prevention policy
We noticed there are no templates for these in the Annex folder although they appear to be referenced in other provider template packs. Are we missing files, or can you point us in the right direction?
Working on 18.1.2 (intellectual property rights), how can we prove compliance with this control? Do we simply need to have copies of the agreements we have with each piece of software used? And be prepared to prove that we are operating within the agreed terms?
Explain why business continuity and ISO standards are important in the context of cyber security. Use examples in your explanation.
1. I hope everything is well with you
I have a question about the ISO27001 Implementation Toolkit: does the toolkit contain or cover all the documents that I will need to comply with ISO27001? Because I notice, for example, when I review the document internal audit checklist regarding control A6, you need evidence for "are all information security responsibilities clearly defined through one or several documents?", for example, and whether that is compliant or not. My question here is whether I must produce a document for A.6.1.1 and A6.1.2 and A6.1.3 and A6.1.4. This is my question.
2. Also, I am confused regarding the document I downloaded from ISO27001 Academy named "Checklist of mandatory documentation required by ISO27001", because the document contains a part explaining the non-mandatory documents,
and this part contains, for example, a document about BYOD. I am confused because the documentation toolkit contains the BYOD document. Which is right: the documentation toolkit or the documents which I downloaded from the ISO 27001 Academy?
Please explain to me
The Advisera document toolkit for ISO 27001, ISO 9001 & ISO 14001 has been a great help to our organization. We have a partnership with Advisera.
The much-awaited ISO 27001:2022 is finally here. Just want to ask the following questions:
1. Whether the ISO 27001:2013 version documentation toolkit can be used in the transition to the ISO 27001:2022 version. If yes, how can it be done, and if no, please provide the reason also.
2. When will the Advisera ISO 27001:2022 documentation toolkit be available? Any timelines for that?
3. Can you please provide the quotes for the Advisera ISO 27001:2022 Documentation toolkit?
Dear All,
Trust all is well
Looking forward to hearing from you
Dear All,
Trust all is well
There is one client which is just a startup, who is providing IT-enabled solutions and services and wants to get ISO 27001 certification. But all their infrastructure, security and IT development and services are provided and managed by a third party which is ISO 27001 certified. Only sales marketing is done by the client.
Whether the client should go for ISO 27001 certification or not, even when there are only a few employees and the company is not yet operational.
Looking forward to hearing from you
First of all, I would like to congratulate you for your beautiful work, I follow you on your channels and we are partners with Advisera here in Brazil.
We are preparing for ISO 27001:2013 certification. I would like to ask you a question: so that we can be successful in our certification, I need to focus on the mandatory documents and registration, as these are the main requirements, and apply the controls from Annex A that I need in view of my context and established scope, which are validated in my declaration of applicability.
My doubt is whether the way we are conducting the implementation process, as mentioned, is correct! A big hug!