Difference between ISO 27001 and locally published ISO 27001
What differences could be observed between the Colombian technical standard NTC-ISO 27001 and the standard ISO 27001?
ISO 27001 phases and corresponding outputs
I need to create a matrix showing the phases of ISO 27001 implementation, including the steps in each phase, and listing the corresponding outputs (documents, reports) per phase. Could you point me to such a matrix which I can download from your site?
Documenting controls from section A.14
The auditor of 27001 asked me to complete some documents that are referred to by the SoA at:
A.14.1.2 Security Requirements Specification
A.14.2.1 Secure development policy
A.14.2.2 Operation Guide
A.14.2.3 Technical Review Document
Unfortunately, I have no idea what to write in these documents. Do you have templates to help me in this situation?
Asset owners
In one of your webinars you mentioned grouping assets together, such as laptops and PCs, if they all share the same threats. How would I go about documenting the asset owners? Would I list all the asset owners' names in a comment within the column box in Excel?
Information Security Program
I’m still working on my documents and have started downloading your documents and templates. My primary task for now is to create an Information Security Program (ISO) for the Organization as part of the primary requirement of our Regulator, to be submitted this 3rd quarter of 2018. Looking at the templates, I’m not sure which one I can pattern this on, or where I can get guidance or a format for how the ISP will look. If you have a similar document that I can refer to, it will be a great help.
Documenting competencies
Will you please let me know if there is some guidance from ISO on how competencies can be documented by experience, training and/or education regarding assumed tasks?
Defining scope
I am looking for your expert advice on ISO 27001 out of scope. Here is an example of the scenario:
Certifying a product or service with ISO 27001
Is it possible to certify a service or a product? Or is it only possible to certify a process of the service and/or product?
Loading and unloading areas and ISO 27001
1 - I need to understand the details for Loading & Unloading Areas compliant with ISO 27001. I mean if we want to build a loading & unloading area from scratch.