-
Incident Management Procedure
In the Incident Management Procedure there is a section called “Managing records kept based on this document”. Unfortunately, I could not find a good definition for it to determine how to handle it. It would be great if you could help me with more resources about this part of the policy.
-
Remote Access Policy and BYOD (Bring Your Own Device) Policy
I was asked to develop a (*Subject) for a small organisation with no more than 1500 words, and it's not very specific as to have user profile A, B, etc. and their designation, their rights and all. How do I start with it?
-
List of cybersecurity risks associated with 5G technology
Can you provide me with an example list of cybersecurity risks associated with 5G technology?
-
Difference between ISO 27001 A.18.2.1 and 9.2 Internal audit
What is the difference between ISO 27001 A.18.2.1 and 9.2 Internal audit?
-
Lists of potential risks for a 100% digital market place
Do you have an example list of potential risks for a 100% digital market place that I can use as a basic reference, by any chance?
Working on the risk part (6.1 in ISO27001) where we actually build in best practices to counter potential risks pro-actively, but having a guidance list from other companies would help a lot for mainly A9 and A10 to see if we can think of the right kind of risks.
All will be adjusted to our specific platform of course, but any initial draft would be appreciated.
-
Risks posed by third parties or suppliers
Please, what are the risks posed by third parties or suppliers? I mean examples of Information Security risks that are posed by third parties, i.e. suppliers, partners and customers, for example, hardware devices such as routers, switches, telecom lines, firewalls, software applications, ICT services such as risk assessment, penetration testing, computer forensics investigations, etc.
-
Procedures for suppliers to cover the control of External Providers
I have a question concerning my 22301Q2019 package.
I have two companies:
1st: TRADE, STORAGE & HANDLING (SIMPLE COOLING, TEMPERATURE ENVIRONMENT) of FRESH FRUIT & VEGETABLES
2nd: offers environmental technologies and specializes in the design and manufacture of Prefabricated Innovative Water Treatment and Wastewater System which incorporate innovative advanced solutions and are suitable for wastewater treatment for civil and industrial applications.
Both use external providers - supply chain (such as technical services, drivers and trucks, external warehouses and engineers).
Where in this package can I find procedures for suppliers to cover the control of External Providers?
8.1 Operational planning and control
The organization shall plan, implement and control the processes needed to meet requirements, and to implement the actions determined in 6.1, by:
The organization shall ensure that outsourced processes and the supply chain are controlled.
-
Corrective action plan for audit observation for clause 8.1 of ISO 22301
Good morning,
There is an External Audit observation (minor nonconformance) for clause 8.1 of ISO 22301 with the following statement:
There was no objective evidence of process plans identifying the process criteria and the controls implemented in accordance with the criteria.
What is a corrective action plan for this audit observation? How to close this minor nonconformity (any new document/procedure required)? Your prompt guidance/help on this matter is appreciated.
-
Documenting mandatory documents for ISMS
How to document mandatory documents for ISMS?
-
Compliance with monitoring and measurement requirement
What would be the compliance with the monitoring and measurement requirement? Were they indicators?