Several questions related to the implementation of ISO 22301
Hello, we are implementing ISO 22301 using the package we purchased; in parallel we are implementing ISO 27001, where we have already made progress implementing policies and procedures, and there is a Gantt chart already defined. Regarding ISO 22301, we started with the business continuity policy; I have some questions here:
Some types of assets
If I have some types of assets like persons, services and computers, do I have to classify them too? Or only the information assets?
Opportunities in the methodology of risk assessment?
I am confused because I created one information security risk management procedure, which is the methodology of risk assessment. Do I need to put something related to opportunities in that procedure or not? And do I need to add something in my risk register, like opportunities?
Controls for a cloud provider
Does ISO 27001 certification require control maturity for systems that are new to a deliverable model? For example, if a business unit were to deploy a company standard SQL image into a cloud provider infrastructure would the cloud provider have to have control maturity or are the current controls in place for on-premise data centers sufficient?
First things in ISO process
In the ISO process, what are the first things you should look at? What I want to know is what will fall in line with top priorities, so you can create a flow chart and work from the most critically important to the less significant issues, and can you build upon each?
Asset identification in risk assessment
I need to certify the company X. This company does not have its own IT equipment. It gets it provided by the sister company Y. All business processes of X are also running in the sister company. How to identify values for a risk assessment?
Main driving force for ISO 27001
What is the main driving force for ISO 27001 compliance?
Work breakdown structure for ISO audits
Can you please help me with the Work Breakdown structure for ISO Audits?
Best practices in accessing business cloud applications
My question is: what are the best practices in accessing business cloud applications from mobile devices? I think that’s not included in any of the policies of your package…
How long should a company operate the ISMS before an internal audit takes place
I would appreciate it if you could assist me with the following question related to the ISO 27001 implementation process. Once the controls (technical, develop policies, etc.) are implemented, is there any best practice on how long a company should operate the ISMS before an internal audit takes place, and what is the time frame between the internal audit and the certification audit?