ISO 27001 & 22301 - Expert Advice Community


  • Ratio of successful cyber attacks on organisations who are ISO 27001 certified

    Are there statistics available which indicate the ratio of successful cyber attacks on organisations who are ISO 27001 certified against those who are not ISO 27001 certified?

  • Appendix 3 of Risk Assessment

    I hope you have time to just fill in the blanks here. We did a risk assessment on mobile devices specifically; we were 4 people from different departments initiating this workshop to identify the risks for mobile devices.

    I get the feeling the assessment report is made for all of the assessments we are doing, or, like in our case, we do it on several types of areas, like mobile devices.

    We identified four risks. We had 1 with the value 3, but we still accepted that risk and no other change was made in Appendix 2; in other words, we did not lower the risk value in this case.

    And to complete this risk we need to document this in 3 different files: Appendix 1, 2 and 3 (final report).

    Can you help me figure out this last part?

  • ISO 27001 conformity

    Can you inform me whether authorities like third-party approval authorities, market surveillance authorities and technical services are required to show conformity to 27001?

  • Risk Assessment - change

    Hi dear Team,

    As we made the Risk Assessment initially, a couple of months ago, we had some servers in one of the locations which had high Risk levels. Now we've moved them to the cloud and don't have those risks anymore. Should we now perform the Risk Assessment again? If yes, should the previous version be saved as well?

    Thank you!

  • ISO 27001 course and materials related to 2017 revision

    Hello, I want to do the ISO 27001 course but I see that the one taught is not the current one for 2017. Do you think that you will update it in a short time? The (2013) standard is certainly in force, but it would be nice if you indicated the variations with the 2017 standard in the course. Thanks again.

  • GDPR compliance

    How much time is required if you are a startup company with no governance structure to achieve GDPR compliance?

  • ISO 27000: IT technical consultant

    Do I need to be IT technical savvy to be an ISO 27000 consultant? I'm a BCS professional but into ISO consultancy services. Please advise how to become one.

  • Implementation of ISO 27001 Guidelines

    How can I make a guideline to make a timeline for the implementation of ISO 27001?

  • Risk register

    Just a quick question: is it right that a client could ask to see a risk register of a company? Also, regarding vulnerabilities: let's say a vulnerability scan found certain ports open within a company, and the owner enters this into the risk register; this could then be seen and passed on to a potential client. So the gist of my question is: should we enter all vulnerabilities found from a scan into the risk register, knowing that a potential client could request this?

  • Risk assessment reference

    1. There is a question that the external auditor of ISO 27001 asked me: what is the reference or basis used for the risk assessment methodology that you have in your table? See point 3 of the attached document.

    2. Another question: do you know where I can buy the ISO 27001:2013 standard in Spanish?