ISO 27001 & 22301 - Expert Advice Community

  • Performing BIA

    How about something for conducting a first-time BIA in line with the ISO 223nn's? Ask 101 people and there are 101 ways to do it and each person will have their idiosyncrasies (especially me!). ISO 223nn don't really help people, even those who can afford to purchase them, and particularly those new to BC.
  • Supplier security

    I have a partner no. 1 that provides sale and installation of software to partner no. 2 that gives functionality to a prime customer. Question: does partner no. 1 have to fulfill some security clause of ISO 27001 Annex A?
  • Templates content

    I need the following documents, and I cannot find them on our site. Can an expert suggest something?
  • ISO 27001 Toolkit content

    We have been filling up all the documents according to our needs in order to achieve the certification successfully. However, we have realized that there are some documents that are not in the zip file. For instance: Anexo_A.5 Information security policies and Anexo_A.18 Compliance. Those documents should be in Spanish. I would appreciate your thoughts about this.
  • Certifying organizations

    Hi, we are an Information Security Consulting and Auditing Company. We are well established in the information security space and have been doing PCI DSS audits for about 9 years. We have a client who would like us to certify them for ISO 27001. We have an auditor in the team, who is certified as an ISO 27001 Lead Implementer. What will it require for us to become a company who can perform an ISO 27001 Auditor?
  • Becoming internal auditor

    I am a B.E. (Mechanical) and Qualified Six Sigma Green Belt with over 4 years of industry experience in large, fast-paced multi-line facilities. Currently working in XXXXX as Production Manager, handling all production activities of XXXXX manufacturing and assembly plant in XXXX.
  • ISO 27001 and COBIT

    I'm new to COBIT. My initial question was: can an organization have an ISMS in place based on COBIT alone?
  • Templates for ISO/IEC 27033-2

    I would need your help: for ISO/IEC 27033-2, could you please share some documentation or a template for information gathering?
  • Controls selection

    Firstly, I have spent the past few days reviewing samples of your 27001 templates and training materials … very impressive … Thank You … it’s a great resource. May I ask a question? As it will influence whether XXXXXX go for a 27001 certified ISMS. XXXXXX is mandated to implement and maintain an ISMS, I have been made responsible for delivery of the ISMS project and have executive support and resourcing (people and finances). I would prefer to use 27001 for the ISMS (so we can be certified), however XXXXXX do not wish to use any of the 27002 controls, instead XXXXXX have invested our efforts in CIS20 controls. I understand XXXXXX select whatever controls are relevant, however my concern is if I don’t refer to any of the 27002 controls listed in Annex A of 27001, then XXXXXX will not be able to certify to 27001.
  • SOC 2 Audit Compliance

    I need your help in gathering insight on how to do SOC 2 Audit Compliance in our organization.