Our question is about document [A.8 Acceptable Use Policy]: do you have any extended template to cover the [A.12.2 Protection from malware]?
ISMS scope template
I’m filling out the ISMS scope document.
Convincing top management
My biggest problem is time management because our company is starting from scratch. We are at the moment implementing the ISO 9001. My position as a Marketing Consultant allows me to be a member of the internal audit.
Filling a template
I have a question regarding the risk assessment table. Should I include, for example, every mobile phone or laptop in it, or just a category like laptop or mobile phone?
BCP sites
As per ISO 22301, if a company has defined 7 to 8 critical departments in its BCP plan, is it necessary to have a separate BCP site for each critical department?
Documenting context of the organization and interested parties
Where would I record Context of the organisation and Interested parties? Should I put that in the Information Security Policy - we have a separate document that lists legal and contractual requirements.
ISO22301 Internal Audit
I am currently undertaking a pre-certification BCMS project. I also manage certified information security and quality management systems and for these I use a sampling methodology for internal audits which is quite straightforward as there is plenty of scope for samples under these systems.
I am struggling to determine what samples I can use for the BCMS internal audit, especially pre-certification.
What would you recommend?
Thanks,
Brian.
Risk Assessment in ISO 27001:2013
Template content
Templates were good but missing Procedures for monitoring information processing equipment (Servers) and, most vitally, Code of Ethics.
Accredited certification bodies
I have a question: are the certifications actually recognized in Spain? I have been told that in Spain, if the certificate is not issued by ENAC or by IQnet, it is not recognized... Is that true?