Hi,
What would be the most appropriate ISO 27001 control sets relevant to system/app decommissioning? I want to reference them in a procedure document.
Thanks,
Brian.
Statement of Applicability
I am trying to understand if I need to refer to all the controls of Annex A. Meaning - do I need a table of compliance that indicates which controls I used and marks the others as NA - or a similar tool? I read the paper that you wrote and it does not refer to the above specifically. Can you please clarify?
Risk assessment approach
I’m currently working on research on the best option for Risk-Assessment (RA) Methodology and Templates. I believe that a process-based RA methodology would be more easily applicable in our case (for an upstream Oil & Gas company) than an asset-based methodology.
Record management
In addition to our conversation, I would like to clarify where in the Toolkit (or something else) there are templates of the documents which describe the procedures for recording and storing information about information security incidents, as well as managing them.
Security and compliance
Which will be the certification to take for someone working in the Security and compliance department in an organization - a software development organization?
Annex A controls
I'm a Cyber Security student trying to understand a little more about ISO 27001:2013. Would you be able to provide a summary of the control sections in Annex A please?
ISMS Manual
Do you know if an ISMS Manual is still required for compliance with ISO 27001? I have read that this feature is not required anymore.
CMMI and ISMS
Is there any material I can refer to which integrates / maps CMMi and ISO QMS and ISMS?
ISO 27001 in designing projects
I would like to better understand how ISO27001 can help me in preparing projects for physical security - hardware - I am a manufacturer.
Use of encryption and ISO 27001
Does ISO 27001 require the use of encryption for data at rest or is its implementation based on the risk assessment tolerance of the company?