ISO 27001 & 22301 - Expert Advice Community

  • Business continuity and ISO 27001

    How is business continuity management represented in the ISO 27001 track, and can these business continuity practices be joined with those from other standards (like the BIR 31111 & ISO 22301) in order to come up with the best practices for BCM?

  • Template content

    Which of your documents include the step-by-step process of implementing a business continuity plan after it has been created?

  • Questions about document management

    I've purchased the toolkit for ISO 27001 and right now I am going through various documents.
    1. As far as I understand the offer, the package includes unlimited questions via email, right?
    2. I am looking for areas regarding data retention and requirements from ISO 27001 standards. Does ISO 27001 require a definition of "data retention"? I haven't found any control about it nor a template in the toolkit.
    3. Does ISO 27001 require keeping "Records of erasure"?
    4. Are "Records of erasure" applicable in case of offboarding, or also as part of retention of data? Offboarding employee = Termination of Contract with Employee. That means that as part of the offboarding checklist the access is removed and his laptop is "erased" for reuse by another person. In my understanding, that provides enough evidence that the device/laptop/asset has been erased and satisfies A.11.2. Is it the right understanding?

  • Career development of information security

    I have over 12 years of experience in ITES in Infrastructure Services, including the most recent 5 years' experience in the eDiscovery domain. I am currently working as an Assistant Manager and would like to move my career to the Information Security domain, and I am also seeking a next-level position in my current org. I would like to know which certification would help me to grow: ISO 27001 or CISM.

  • BCM policy gap analysis

    I am intending to perform a BCM policy gap analysis. Which of the documents would be best suited for this purpose? I have the GPG 2018 and ISO 22301 and have referenced the aforementioned.

  • Review of Control A13.1

    Hello Team, how do you review Control A13.1 when it is hosted on AWS?

  • ISO standards related to ISO 27001

    I work in security and want to focus on ISO 27001. What other ISOs are related to 27001, and to what clause? I've seen a few mentioned now.

  • ISO 27001 and scrum

    Hi, I wonder if you can share views or references regarding ISO 27001 compliance efforts for companies adopting Agile SCRUM for software development. I'd also love to know an ISO 27001 auditor's view on that.

  • Infosec policies

    I found a simplified security policy which encapsulates a lot of the policies provided in the toolkit but at a higher level. Would something like this be appropriate for our implementation of ISO 27k and would it be appropriate for an audit?

  • Risk management manual

    The question is to develop a "risk management manual" for any organization of my choice.