Guest
I have been taking a look at your offering, attended yesterday’s Webinar and will attend more and for now it feels like your offering could very much fit our requirements.
We are likely one of those ‘could do it almost by ourselves – but need help with some items’ companies.
I personally have not rolled 27001 yet but used to work with controls, procedures, policies, etc.
The biggest question mark for me right now is how to find an auditor that could fit in this approach. Do you have any recommendations on that?
I was checking to see if you had recommendations for the registrar that would be auditing our company should we pursue the ISO 27001 certification. Thank you.
The question I had: Do we as a company get by extension the benefits of cloud companies having all the certificates and good practices when it comes to protecting and keeping data safe? We are working with *** and ***. An example scenario would be an auditor asking my company how we back up data. And our answer is that we back up our data on 2 different servers: *** and *** for example. Would that be OK? Since we are not the ones responsible for the data, but we are offloading this to a much more secure company. Is this something that we can evaluate as low risk and not implement special controls when it comes to protecting this data, since we are getting the benefits of using a cloud provider?
I want to make a career in compliance, although I have 1.5 years' experience of infosec. How do I start it?
In the scope definition I write only what the company does and where it does it (address). Don't you need to write the processes involved in the scope?
Just wanted to know if ISO 27001 requires a job description to be signed off.
I need an ISO 27001 certifying firm. Can you help me to get one?