ISO 27001 & 22301 - Expert Advice Community


  • Statutory, regulatory, and contractual requirements (clause A.18.1.1)

    Hope you can help me with a question. On your website the document below is listed among the mandatory documents:

    Statutory, regulatory, and contractual requirements (clause A.18.1.1)

    However in the toolkit file “List_of_documents_ISO_27001_Documentation_Toolkit_EN” it is not mentioned.

    Also I cannot find a template in the toolkit. 

    Could you please confirm whether this document is mandatory or not and provide a template?

  • ISMS and BCMS

    I am delighted to be able to start implementing the ISO 27001 standard. I have several questions as I begin to complete your documents:

    1. In the document "PROCEDURE FOR THE CONTROL OF DOCUMENTS AND RECORDS", I have to choose between ISMS and SMCA.

    When filling out the "PROJECT PLAN", I read one of your comments "Delete this text and the table if business continuity management is not part of the project."

    Can we do both with your kit? Does choosing the ISMS automatically include the SMCA?

    2. In the document "PROCEDURE FOR THE CONTROL OF DOCUMENTS AND RECORDS", we must define the Title of a post ensuring the conformity of the documents.

    We are 5 in the company. I am the founder and I took charge of the file. Should I put my name, my post of "President" or other?

    Can I put my role in this "Quality Manager" project?

  • ISO 27001 certification question

    I have a question: if the company is certified with ISO 27001, does it mean that it's complying with all other regulations or board

  • Change in ISMS

    What I also need is a template for how I can document a change in the ISMS, not in general change management.

  • ISO stand out

    I want to know what makes ISO 27001 stand out among the KSA cybersecurity regulation: what controls are not included in NCA ECC that make ISO 27001 stand out?

  • Third party requirement

    What is a third-party requirement when they work for an ISO 27001 company? Do they also need to be ISO 27001 certified?

  • Minimum requirements for A.17 controls

    My question is how to address the controls corresponding to A.17 in ISO 27001:2013, or what the minimum is, in terms of documents, that I must have from information security to address them.

  • Is SOC mandatory for ISO 27001?

    Is SOC mandatory for ISO 27001? I am referring to Security Operation Centre.

  • ISMS Scope Extension

    Hi All

    I have implemented ISMS in one dept., which is IT, and got the ISO 27001 certificate for the IT dept. as scope. Now I need to extend the scope to other depts. like Admin, Finance, Trading and other divisions of the organization. How can I do that and what steps should I take so that the requirements from 4 to 10 are fulfilled and also I can select some controls in Annex A?

    I have a doubt that I can extend ISMS in other depts.; can anyone please guide me how to extend this scope?

    Thanks

  • Auditing suppliers - ISO 27001/Data Protection

    We are using Conformio and also have your Data Protection kit. One thing common to both is the need to audit suppliers. Our supply contracts will not justify in-person audits or even lengthy online audits. I have your internal audit booklet, have been through your internal audit course a couple of times and carried out an internal audit for our company. However, our supply contracts will not justify in-person audits or even lengthy online audits (like our internal audit).

    Do you have any guidance/resource for carrying out a “lighter” audit e.g. checklists/questionnaires/guidance on what to look for? I can construct something but wondered if you had anything.
