Guest
I am advising a *** company at the moment, as well as a ‘daughter company’ in the *** on ISO 27001. Just some questions:
1 - In the ***, there is only one person actively working, but he is (of course) also a shareholder. Would it be okay if he does the internal audit? In ***, we want to have the CTO as internal auditor. He doesn’t have shares, but he is part of management. Would this be okay?
2 - What would be the cost of an online training for these internal auditors?
1 - Is it a fundamental prerequisite for certification in the standard?
2 - How deep should the mapping and documentation for the scope be?
3 - Overall, I still have a lot of questions about the topic "Organization context" and everything it should cover ...
Can you please explain to me briefly how to perform the risk assessment for biometric data (GDPR), using a computer, one employee and a biometric reader (ISO 27001)?
I’m watching the “How to Write ISO 27001 Procedure for Corrective and Preventive Action” video tutorial, and our document is missing parts that he demonstrates are in his document. For example, the 3.1 introduction is not in our document.
How does one become an accredited ISO 27001 auditor or implementer, to be able to give the certification to other businesses?
My problem is I am stuck at the Risk Assessment Table and Statement of Applicability stage.
With the RAT, I think the challenge is getting started the right way: it is a daunting task that requires whole-of-business input, and I suppose I do not feel adequately qualified to guide the process;
Similarly on SoA I do not feel I can make the call on what is applicable, nor guide the business in the process of discovering this.
Any guidance you can share would be appreciated and when I have some more specific questions it would be good to organise an hour of power with you (your early morning bearing in mind the time difference).
I’m responsible for an ISO 27001 implementation at my company. I took some courses to gain knowledge on how to implement the standard, but I still feel insecure leading such a complex project.
At the moment I have a question:
- Is there another way to go through the process mapping for implementation (which involves ISO 38500), or is it an indispensable prerequisite?