ISO 27001 & 22301 - Expert Advice Community


  • Can a Lead Auditor certify that organisation is ISO 27001 compliant?

    Can a Lead Auditor certify that an organization is ISO 27001 compliant?

  • Contractor's obligation to provide the client with BIA/BCRA

    If I use a contractor to provide a key service within my organization, does that contractor i.e., *** have an obligation to provide me with a BIA/BCRA?

  • Question on ISMS scope definition

    Thanks so much for the webinar. We were finalizing our scope and our management wanted us to consider a smaller scope. Can you just remind me on a couple of points you made in the webinar?


    1 - The scope cannot be a server or a product, because it is a management standard right? Does this then mean that it can’t be an environment, like a cloud environment? Would you set the scope as the software engineering department for example instead?

    2 - And you mentioned the scope cannot be drawn between people who share the same office? Does this mean they would also need to be segregated in terms of network or email environment?

    I’d really appreciate your opinion, as I think the delivery time will be quite different if we choose the smaller scope rather than the whole company, although it may be more detailed in segregating them.

  • Calculating Duration of each Service or Critical Service

    One of the KPIs is duration of service interruptions. Is this the duration for each service or for each critical service? How can it be calculated overall?

  • Statement of Applicability

    If, after certifying the company, there are changes in the SoA, how should we proceed with the external audit?

  • IT Managed Service Providers

    1. Is there an ISO certification we should look at?

    2. What would be involved to get certified and what sort of costs would we expect?

  • ISO 27001 implementation

    I'm wondering, other than your video about ISO 27001, what are some good resources for me and my team to follow? In addition to that, what kind of specialists might I need to execute an implementation of ISO 27001?

  • Annex A controls

    We are starting the certification process, but the controls are mostly not very clear and sometimes, in my opinion, redundant. Do you have any material that explains each of the controls mentioned in Annex A in a technical way, or with examples?

  • ISO 27017

    I am working with a client who wants to be ISO 27017 compliant.

    They've asked if there's any way they can be certified, considering they're already ISO 27001 certified. I've been researching the topic for a while and I've only seen this type of compliance statement being given to cloud service providers.
    I wanted to ask if you have seen this attestation being requested and given to any company that is only a cloud consumer.

    Thank you in advance for your attention!