ISO 27001 & 22301 - Expert Advice Community


  • Roles and Responsibilities of the Board in Cyber Security

    I would appreciate any input on a paper I am writing for the board on 'The Roles and Responsibilities of the Board in Cyber Security'.
  • Requirement from ISO 27001 for calibration

    Is there any specific requirement from ISO 27001 for calibration?

  • Independent review

    Can this requirement for 'Independent Review' be satisfied internally? That is, review of the ISMS policies and procedures by an in-house team that is not directly attached to the ISO 27001 effort?

    Can this requirement be satisfied through the ISO 27001 Certification process, citing the 2 minor audits between major certification as our Independent Review?

    Otherwise, what is the best course of action to meet this requirement, and could we gain and keep certification without using this control?

  • Corrective Action Plan

    I am confused about the CAP sheet: is it made after the audit, can it be included in the Audit Sheet, or is it completely separate? (I read https://advisera.com/27001academy/blog/2013/12/09/practical-use-of-corrective-actions-for-iso-27001-and-iso-22301/ but was not able to clarify this.)

  • Risk assessment and risk treatment methodology

    1. As per our meeting yesterday, you suggested calculating the risk value as Impact + Threat + Vulnerability. How do I scale Threat and Vulnerability?
  • About sending project proposals

    Certain questions are sometimes confusing... It depends how you look at them... For example, see the following question (Module 7, practice exam, last question).
  • Certification audit questions

    I have 2 questions:
  • CISA and ISO 27001 Lead Auditor

    I have more than 20 years IT experience, with 10+ years managerial experience. I am still working as an IT Manager, but strongly feel the need to prepare for the next level of my career, to change to infosec by getting a job with a Cyber security company before a final career switch into infosec consulting.
  • ISO 27001 applicability

    I have a question: can ISO 27000 and its annexes be integrated into a procedure for optimizing computer equipment, or are they integrated only for data security?
  • Audit questions

    We are an information security company. Recently, we have been getting RFPs for IT audits. I just wanted to know