1 - I don't see the data classification matrix in your 27001 toolkit. Can you help with it?
Risk assessment and treatment for ISO 27001 and ISO 22301
I’m currently working on a Business Continuity and Disaster Recovery project for my company with the aim of becoming certified in ISO 22301. My colleague is an information security analyst and she’s working on an Information Security project with the aim of becoming certified in ISO 27001.
ISO 27001 Lead Auditor
I am a network security professional with around 6 years of experience, and I am interested in auditing and want to move into the auditing domain. So I am planning to get the ISO 27001 Lead Auditor certificate. I need your advice: will it be good to start with ISO, or is there anything else I need to do first?
Toolkit content
1. I've been alerted to a possible missing document in the 27001 toolkit, titled "Definition of security roles and responsibilities" and deemed mandatory. I actually didn't find it. Can you please kindly check?
Responsibilities in ISMS implementation
I work as a team lead. I want to know about my responsibilities in ISMS implementation, what documents I shall submit for audit, and what type of questions they may ask. How do I represent the development team in the audit?
Risk owner for the use of mobile devices
As in most companies, many staff use their own mobiles to access company email. So they are the asset owner, but who is the risk owner?
Annex A controls - flexibility in declaring the applicability
From the 'security controls' (Annex A domains A.5 to A.18), what is my flexibility as an organization to declare what is relevant for my organization and what is not? For example, in the A.7 HR domain, can I just declare that clause 7.2.3 (Disciplinary Process) is not relevant here, hence we are not interested in applying it, and therefore I can skip it?
Toolkit for becoming compliant with ISO 27033
I am looking for a solution, as we have to be compliant with ISO 27033, and I wonder if your toolkit (ISO 27001) will help me achieve that?
Coverage of ISO 27001 requirements in the toolkit
We have the ISO 27001 and ISO 22301 Premium package. I cannot find Point 8, Annex A Point A.5, and within A.7 I have only two documents. In reality, there must be a minimum of 5 documents.
How often the risk review needs to be done?
How often is it good best practice to risk-assess all SOA controls, after we initially do so during implementation?