ISO 27001 & 22301 - Expert Advice Community


  • Time-frame to be ISO 27001 compliant

    I would like to know how long it takes to make a startup of 5 people ISO 27001 compliant, and how much does it cost?

  • ISO 27001 Certification for Travel agency

    What is the relevance of a travel agency getting 27001 certified?

  • ISO 27001 and alignment with other ISO standards

    Hi! Just a question regarding ISO 27001. Does that fit in to the common structure of ISO 9001 and 14001 too?

  • Evidence of competence

    Hello dear Advisera Team,

    1. Should evidence of competence be related to information security, or IT, or something else? Which competence do we have to justify? Should we have the evidence for everybody, or only for the IT Manager or Admins, for example?

    2. What if we have an online learning platform with Data Privacy Training, but only half of the employees completed that training? I don't think it is enough; can it raise a non-conformity?

    Thank you!

  • Risk Assessment Method

    Can I use the CIS RAM as my Risk Assessment Method for implementing ISO 27001:2013? I feel very comfortable using that method but need to know if it is appropriate to use it with ISO 27001. Or is the best scenario to use ISO 27005:2018?

  • Customer management

    I would like to know why ISO 27001 has "Supplier Management" but no "Customer Management"?

    In what way should I align or secure my customers within my ISO 27001 implementation?

  • Data retention

    It would be great if you could tell me whether ISO 27001 or other standards require companies to remove customer data after the contract is finished. Actually I don't mean personal information, mostly data that data analytics uses for machine learning, model training and so on. I am looking for B2B business data retention requirements.

  • ISO 27001 and ISO 20000 certification

    Our company is looking at getting ISO 27001 and ISO 20000 certification. Do you think this is necessary? Or which one will suffice to cover both certifications?

  • Information security objectives

    I have this example in my information security policy, but I think this objective is not S.M.A.R.T. Please tell me, am I wrong?
    Objective:

    "Define and establish the general guidelines of information security in the company, which will guide the personal and professional behavior of all employees and third parties who interact regularly or occasionally with the information and information assets associated with it in the development of their functions."

    Thank you for your help.