ISO 27001 & 22301 - Expert Advice Community

Home / ISO 27001 & 22301

Discussions

Top Contributors

Expert

Rhand Leal

4151
Discussions
Expert

Carlos Pereira da Cruz

1915
Discussions
Expert

Dejan Kosutic

365
Discussions

Most Popular Tags

Product: Conformio Product: ISO 27001 Documentation Toolkit Product: ISO 13485 & MDR Integrated Documentation Toolkit ISO 27001 Product: ISO 27001 & ISO 22301 Premium Documentation Toolkit ISO 9001 Risk Assessment Product: ISO 13485 Documentation Toolkit ISMS Internal Audit register of requirements Product: ISO 27001 & ISO 27017 & ISO 27018 Cloud Documentation Toolkit Product: ISO 27001/Risk Assessment Table ISO 9001:2015 ISO27001
Select
CREATE NEW TOPIC +
Guest

Guest

Create New Topic As guest or Sign in

HTML tags are not allowed

Select

Assign topic to the user

  • Control A.8.3

    Quick question regarding the toolkit, there is nothing covering point 8.3 of annex A regarding removable medias management ?

  • Asset metrics

    dear support iam IT MANAGER in oil and gas company what kind of assets scheme do i create to collect both manual and digital information from all my organization departments , need sample .

  • Backup policy

    I'm new to Information Security, and I have read Document policy, but I have concerns about the Backup responsibility.

    Is the DBA responsible to take and store the Backup? or should be another responsible for it?

  • Function segregation matrix in a small company

    Preciso de uma ajuda/dica, de qual a melhor maneira de conseguir formalizar uma matriz de segregação de função, numa empresa pequena.

  • Certificate Maintenance

    Hi Advisera Team,
    I have bought the ISO 27001& ISO 22301 toolkit and it's really amazing. I have some questions regarding the annual cost of the certification (22301).

    1 - The certification body has set 2 days for surveillance audit. what is cost for the second and third year and what is the cost of recertification (Roughly)?
    2 - What happens if for some reason the organization didn't pay for the annual subscription for two years for example and then wanted to re-certify after that.
    3 - Is there any hidden cost in the process of yearly audit and recertification audit?

  • 11.2.8 and 11.2.9

    Hello, dear Advisera support,

    I read description of these two controls:  11.2.8 Unattended user equipment and 11.2.9 Clear desk and clear screen policy.  What is the difference? Are they not the same? As I see, the Implementation method for us for these two controls is the same: Clear desk and clear screen policy.

    Thank you!

     

  • Mandatory procedures

    Como saber quais procedimentos realmente preciso escrever?

  • Offices within scope

    Do we have to put the exact location addresses of our sites that are within scope?

    We have quite a few offices so this would make the scope become a large document.

  • Questions for ISMS

    1. What is the ideal KPI's to measure the effectiveness of ISMS in an organization?

    2. Can the internal auditor participate in the ISMS activities and take some responsibilities e.g review Policies and standards, develop and create missing documents, be an ISMS Advisor...etc
Page 127 of 544 pages