Are there any articles that will help me understand how 27001 is implemented in an organization?
"Shall be documented" phrase
I have a question for you: regarding 22301, you issued a statement that suggested there are mandatory and non-mandatory controls. With the "shalls", how does this work?
ISO 27001 clauses
I am currently taking the ISO 27001 Foundations class. The course is great. However, what I need help with is the clauses. For example, Clause 4.3, determining the scope. Where can I get a copy that lists all the clauses in detail? Is there a compliance document listing all clauses in detail, like, for example, a CJIS policy?
Confidentiality levels
Are the following confidentiality levels adequate, or would you recommend a different confidentiality level?
Applicability of ISO procedures
If I have already written the ISO policies and procedures, how do I measure their applicability in practice? I mean, to what extent have people in the company applied them in practice?
ISO 27017/27018 controls
Following on from the ISO 27017/18 docs combined with ISO 27001: are there any controls that only relate to ISO 27017/18 and not 27001?
How to Monitor/Update the Risks in Risk Register?
Hi,
I have implemented an ISMS and have a risk register with all the risks (High, Medium and Low). It has been a year now since I updated the Risk Register, and there are also new risks to be added.
My question is how should I update and add/remove risks in the register?
1) Should I update the sheet with the revision number?
2) Should I remove the risks which are already mitigated and are in the residual risk category?
3) Should I keep on adding new risks and keep all the old risks intact?
My concern is that since the risk assessment is in a PDCA cycle and new risks will emerge every day, how should I maintain my risk register?
Please advise
Thanks
ISO 27002
Hi, what I am looking for is an extremely detailed description of each control catalog number (i.e., A.5.1.1-1 or A.7.2.1-1 or A.10.1.1-1). So basically I am not looking for the policy but for an extremely detailed description on which the policy, as an outcome, will be based. I can send you 2 examples, as I have finished with 2, but would need all. Do you have any package which contains those?
Procedure for document and record control
In reference to the procedure for control of documents and records, is it exclusively for documents that have to do with the ISMS or does it apply to all the documentation in general of the company?
Book Secure & Simple
How to coordinate the ISO 27001 foundation course study with the book "Secure & Simple"? Which method do you advise for that?