Guest
Guest
Create New Topic As guest or Sign in
Assign topic to the user
-
Can you figure out interfaces and dependencies??
Can you figure out interfaces and dependencies Sir, Can you please put some light on these two scenarios: 1. I've created a webpage, which is hosted on servers of organisation A. Webpage is just a GUI, at the backend, we're utilising the services of SAINT... basically, our organisation provides customers a GUI and paying SAINT for the services going on the back of our webpage. Can you please point out any interfaces and dependencies involved here? 2. We're using a product called Alienvault, for the SOC analysis. In our organisation we have terminals for analysis ( traffic, vulnerabilities in system etc) . At our customers end we have installed Alienvault software at some nodes. All the logs resides on the servers of Alienvault. Can you please help me figure out the interfaces and dependencies in both the scenarios above???? -
ISMS interfaces and dependencies
what are interfaces and dependencies as per clause no 4.3 in iso 27001:2013, can you please give me examples of interface and dependencies? -
Controls to software related risks
Just wanted to check which control deals with the risk of outdated software, End of Life software -
Risk owners and asset owners
Should we assign two different people to be the Risk Owner and Asset Owner or can they be just one person? -
Backup and recovery checklist
Which iso27001 doc, would contain a checklist on Backup and recovery? i have a client who's auditors are requesting a DR analysis and plan, and was hoping i can cut out the admin part and buy the templates -
Freeware software on product environment
can you please let me know according to ISO 27001:2013 standards can we allow/access freeware on production environment if the organisation is certified with ISO 27001:2013 -
Scope definition considering network infrastructure
my organisation (acme incorp) has two separate networks. one for internal use only and one for shared use between us and a major customer (but we host the network). I am not looking to get iso 27001 certification for my organisation (acme incorp), I am looking for certification for our external network which is a requirement for the contract between us and the customer. I taught, if I could tell the customer our external network is iso 27001 certified, that will give us a competitive advantage for contract renewal when the time come. Am not sure if my explanation is clear. Can I certified a network as so post to a company? -
Definition of implementation for an ISO 27001 project
We are in the planning stages of implementation of ISO27001 and are using Conformio to plan the project. I have a questions about the Free Calculator – Duration of ISO27001/ISO22301 Implementation tool. What does the tool use as a definition of implementation complete? For instance is Risk Assessment complete, procedures written and employees trained the definition of complete? Or does complete also include 3 months of the system in operation or is it ISO certification or some other measure? Would appreciate some additional insight into the definition of project complete -
Impact Analysis Questionnaire
Please assist is there a way I can engage BCM on new initiatives and projects before going live. Do you have any checklist for such request? E.g. for Information security they have Security questionnaire. -
Qualitative and quantitative risk assessments
what is the difference between qualitative assessment and quantitative assessment?