ISO 27001 & 22301 - Expert Advice Community


  • Approved Certification bodies

    Hey everyone, really nice to join this forum.
    I just have a very quick question that I hope someone can assist me with.

    Does anyone know of the best way to validate a certification body, and what certificates that certification body is authorised to issue?

    I've found, just wondering if there are any others that will allow me to validate my results about a potential fake certificate.

  • ISMS audit

    How to perform an ISMS audit with efficient suggestions to consultant and client to ease the gap on the risk and controls in the standard?

  • Planned implementation of changes to ISMS

    I bought the new kit for 27001/2022. I'm missing a document on the new chapter in the documentation:

    Chapter 6.3 Planned implementation of changes to the ISMS.

    When will something be added?

  • Toolkit documentation

    Which document in the toolkit is relevant to clause A.7.5 (Protecting against physical and environmental threats)? And to A.7.8 (Equipment siting and protection)?

  • DR distance

    What's the distance for a disaster recovery site?

  • Lead Auditor certification

    I obtained a certificate through Advisera.
    I’m working at a certification body and am gaining experience.
    But I understood I need to send my certificate somewhere to become accredited.
    Can you please elaborate on that?

  • Documentation hierarchy

    I'm interested in applying MS documentation hierarchy according to ISO 10013:2001; please address this and in relation to this now being a withdrawn standard.

  • Information Security Policy Creation

    I would want to know examples of Information Security Objectives which are measurable. I am in the process of coming up with the IS Policy using your template.

  • Statement for logs retention periods regarding critical assets

    Hi! I would like to know whether in ISO 27001 from 2022 there is a statement for logs retention periods regarding critical assets? I would like to know what are the minimum requirements (meaning minimum time periods) for keeping logs containing critical data.

  • ISM Policy

    I am working on the ISM Policy and would like to know which other objectives we can put which are measurable besides the generic ones?
