ISO 27001 & 22301 - Expert Advice Community


  • ISO 27001 certification

    What are the requirements to certify a company in the printing industry?

  • ISO 27001 certification

    what are the requirements to certify a company in the printing industry?

  • Is PII Information?

    Dear Dejan,

    I have a question for you if you can help me on this.

    Is customer PII considered as Information in ISO27001:2013 Standard?

    If yes, then shouldn't monitoring of PII shared with vendors be mandatory, and not dependent upon a contractual agreement? Shouldn't it be disallowed to exclude this activity from the contractual agreement?

    This question confuses me about allowing exclusions in the ISMS.

  • IT Auditing

    I am working with companies as a consultant and helping them prepare policies they require for ISO27001 and ISAE3402 (also SOC1 and SOC2). I have also managed the audit process for my own business.

    My question is: what can I do if I get certified that I can't do now? Secondly, do I have to get certified for all 4 (ISAE3402/ISO27001/SOC1/SOC2), or can I do one overarching certification that will apply to all? Also, what are the global bodies that accredit ISO certifications, and does that apply to Advisera?

    Thanks for your help.

  • Documents necessary for audit

    I would like to make an inquiry…

    Which documents must necessarily be presented to an audit for ISO 27001 certification, apart from the policies and mandatory procedures of ISO 27001?

    (For example: process map, ISMS manual, etc.)

  • Dealing with business processes experience

    I need your feedback on dealing with business processes experience.

    Do we limit ourselves to processes that have links with the information system or do we put other vital and commercial processes such as the purchase of raw material, storage… as a process excluded when defining the scope?

  • Policy statement

    What is policy statement?

  • ISO 27001 - Context of Organization

    Does ISO 27001 say that organizations have to understand internal and external issues, interested parties and their requirements when defining the ISMS scope? Is it correct to say "YES"? Or does the understanding have to take place BEFORE, and not DURING or WHEN?

  • Question about training

    At what stage can I start looking for a job after the course (Security Awareness training) and what role can I apply for?

  • Example of a risk and its corresponding residual risk

    Could you kindly give me an example of a risk and its corresponding residual risk, so that it can be made clear to me?