ISO 27001 & 22301 - Expert Advice Community


  • ISO 27001 - Context of Organization

    Does ISO 27001 say that organizations have to understand internal and external issues, interested parties and their requirements when defining the ISMS scope? Is it correct to say "YES"? Or does the understanding have to take place BEFORE, and not DURING or WHEN?

  • Question about training

    At what stage can I start looking for a job after the course (Security Awareness training) and what role can I apply for?

  • Example of risk and its corresponding residual risk

    Could you kindly give me an example of a risk and its corresponding residual risk, so that it can be made clear for myself.

  • Processes, Activities, Procedures, Process, Functions

    I'm a little bit confused with some terminologies such as:

    1. Process.
    2. Activity.
    3. Procedure.
    4. Function.
    5. Policy.

    Could you please explain these terms giving some examples?

  • Implementation duration for ISMS/BCMS

    According to your calculator (Duration of ISO 27001 / ISO 22301 Implementation) we would need 8 months for ISMS or BCMS implementation. How long do you estimate if we implemented both at the same time? Would you recommend implementing ISMS first and then BCMS, or both at the same time in order to use as many synergies as possible?

    I ask the same questions regarding ISO 27017 and 27018. Should these be implemented at the same time, or is it better to follow them up according to ISO 27001?

  • Scope definition

    In my company, we want to establish ISO 27001 for the whole organization. We develop, establish, and support ERP solutions. The ERP uses some web services (microservices or APIs) from third parties, some of which are licensed and others free. Do these web services affect the ISMS scope?

    Also, should we consider the risks of using the API in the risk assessment process (like access control, malware analysis, monitoring, ...)?

  • Implementing ISO 27001 - timeframe

    How much time does an org need to implement ISO 27001 after a Lead Implementer workshop?

  • ISO standards for Operations Security and Security Incident Management

    1. To meet the ISO standards for Operations Security and Security Incident Management, is implementation of a cybersecurity tool necessary?
    2. How much history of “records” is needed to show the auditor evidence of newly formed operational processes?
    3. Typically, once the ISMS prep is completed, how long after can a company get certified?
    4. Typically, for a small company, less than 20 employees, 5 sites, how long does ISMS project take?
    5. What are some examples of the information assets for the inventory list for a small company?

  • Certifying bodies

    I’m looking for certifying bodies for ISO 27001. PwC is one, but I am looking for 2 more to get a quote from. Preferably located in ***. Any suggestions?

  • Role of an ISO Lead Auditor and Implementer

    1. What is the role of the lead auditor and lead implementer in ISO processes?

    2. Why should an organization have such persons?