ISO 27001 & 22301 - Expert Advice Community

Home / ISO 27001 & 22301

Discussions

Top Contributors

Rhand Leal

Carlos Pereira da Cruz

Dejan Kosutic

Most Popular Tags

Product: Conformio Product: ISO 27001 Documentation Toolkit Product: ISO 13485 & MDR Integrated Documentation Toolkit ISO 27001 ISO 9001 Product: ISO 27001 & ISO 22301 Premium Documentation Toolkit Risk Assessment Product: ISO 13485 Documentation Toolkit ISMS register of requirements Internal Audit Product: ISO 27001 & ISO 27017 & ISO 27018 Cloud Documentation Toolkit Product: ISO 27001/Risk Assessment Table ISO 14001 Product: ISO 27001 Internal Auditor Course

Sort by:

Select

CREATE NEW TOPIC +

Guest

Guest

Create New Topic As guest or Sign in

Business department* About business* Organization size*

Title *

Body *

HTML tags are not allowed

Category *

Select

Tags

Name *

Email *

I accept the Privacy and Terms

Notify me when someone replies

Assign topic to the user

Select user

New ISO 27001, ISO 27002, ISO 27003
1) I was wondering if your opinion on the updates with regard to ISO/IEC 27002 and 27003 (plus BS 27001:2017) would be covered in a future briefing?
ISMS scope
I recently took on the CISO role at a software company that is interested in gaining 27001 certification for ONE of their products (which is hosted on xxxxx). Seems like we would have a limited scope, and all the controls would be relative to that software and its development?
Observer in a audit
I have completed ISO 27001:2013 Lead auditor course recently.
ISMS scope definition
I did have a question for you, with respect to the scope of the organisation. My existing plan/scope covers the whole of our single premises (and all departments). I was asked to look into the feasibility of only including support and installation for the scope. To be honest I could not see how this would be feasible, without putting nearly as much effort into this, which would be better spent doing the whole business.
ISMS implementation
How can I establish the Information Security Management System (ISMS)?
IRCA auditor
How to get the IRCA badge for being an IRCA certified Lead Auditor?
Organizational context
Can you please elaborate different types of context as per ISO 27K prospective? Please provide relevant examples to understand the same.
Non Disclosure Agreement
I have another issue raised today when drafting out Non Disclosure Agreement. I hope you can help with this! What is the best practice duration of confidentiality agreement? if we say it is for particular number of years, for some highly sensitive information it may not be enough or if its to expire with the contract that's will not help also to protect the information.. I'm sure you will have a better idea on this and can help me come up with the best.
Cryptography verification
where is cryptography tested in ISO 27001?
BCP content
1 - Please on Wednesday webinar, I will appreciate if you would give time to discuss the content of a BCP plan: