Guest
Guest
Create New Topic As guest or Sign in
Assign topic to the user
-
ISO27001 Documentation and Accreditation - Thank you!
I received notification from my Auditor today that we have achieved accreditation with 0 non-conformities and in 6 months from commencement. I had never tackled this type of thing before I would like to say that I don't believe this would have been acheived had I not purchased your documentation and training videos along with this discussion site. I thank you very much for your support and material, it proved invaluable to me.
My next challenge will be ISO9001 and I will not hesitate to purchase your documentation again for this standard.
-
Doubts regarding the policy, scope ISO 27001:2013
Quisiera saber como puedo plantearme el hacer los procedimientos de mi empresa si el 95% de mi infraestructura esta en AWS.
Por ejemplo, quería pensar en si AWS puede compartirme su SOA para conocer sus objetivos y su justificación de los controles y asi alinearlos con los de AWS.
Los únicos equipos que están en las instalaciones son las PC y todas accesan via VPN a AWS. -
Scope of ISO 9001 and ISO 27001 integrated management system
Should the Scope of my ISO 9001 and ISO 27001 integrated management system be a separate document or could it be written as part of my manual?
-
Internal audit options
We have already purchased the templates. I was trying to get information on internal audit options. Is that something your company does or do you have suggestions on who to work with?
-
ISMS framework
I'm implementing ISMS framework for my company.
All the critical applications for critical processes are hosted on the cloud.
Clause 17 of ISO27001 requires Information Security aspects of Business Continuity management.
We don't have BCP/ DR plans in place.
Now clause 17 only focuses on ensuring Info Security arrangements in case of BCP & DR. So my question is - do I've to prepare full BCP/ DR plans to comply with the clause 17 requirements? Or is there any alternative for it? Please guide.