ISO 27001 & 22301 - Expert Advice Community


  • Access control policy: A.9.2.3

    Hello, My company bought the documentation of the Access Control Policy. At which part is control A.9.2.3 covered in this document? Yours sincerely, Tom van Ruitenbeek
  • External Auditor versus Lead Auditor

    I want to become an External Auditor, not a lead auditor... Is there a difference when it comes to the qualifications? Can someone take the Internal Auditor course, get the Certification and then start doing ISO 27001 for my company at other sites?
  • Competence evidence

    What kind of evidence is required for resource competence and attending training to address relevant cybersecurity risk?
  • Sample texts in templates

    I don't understand the part of "Managing records kept on the basis of this document" in document 00_Procedure_for_Document_and_Record_Control_Integrated_EN.docx
  • Delayed audit report

    I have a post-internal-audit problem with regard to incomplete and delayed reporting of an internal audit carried out in April 2017; the audit IQA-Q2 was closed out. However, the report since April was never completed due to the reshuffle and resignation of the lead auditor and the unavailability of the draft close-out report.
  • Documents review criteria

    Could you please clarify, if we can indicate the revision of the documents (policies, procedures etc) "if necessary", or we should give the specific time frame, once a year, for example?
  • Clause 7.4 of ISO 22301

    Question: I have been working with the documentation you sent me, especially the BIA documentation, but now I need to address the topic of communication, clause 7.4 of the standard. Do you have documents for this point? I have not been able to identify it in the document pack. Answer: You can cover all communication-related matters with the Incident Response Plan, the Business Continuity Plan, and the Recovery Plan. So, basically, we do not have a specific document for clause 7.4 of ISO 22031, but you can use the documents I mentioned to meet the requirements of this clause.
  • Risk assessment and BIA

    How does the risk assessment correlate with the BIA?
  • BCP and DRP tests

    Can you please provide me with guidance on conducting a BCP and DR drill?
  • Improving an information security program

    I need general advice as to how to go about trying to overhaul and improve the information security program in my organization. An audit has been done in my organization recently based on an ISO 27001 controls questionnaire and it looks like we are not doing too well based on the scores