ISO 27001 & 22301 - Expert Advice Community

Home / ISO 27001 & 22301

Discussions

Top Contributors

Expert

Rhand Leal

4151
Discussions
Expert

Carlos Pereira da Cruz

1915
Discussions
Expert

Dejan Kosutic

365
Discussions

Most Popular Tags

Product: Conformio Product: ISO 27001 Documentation Toolkit Product: ISO 13485 & MDR Integrated Documentation Toolkit ISO 27001 Product: ISO 27001 & ISO 22301 Premium Documentation Toolkit Risk Assessment ISO 9001 Product: ISO 13485 Documentation Toolkit ISMS register of requirements Internal Audit Product: ISO 27001/Risk Assessment Table Product: ISO 27001 & ISO 27017 & ISO 27018 Cloud Documentation Toolkit ISO Product: ISO 27001 Internal Auditor Course
Select
CREATE NEW TOPIC +
Guest

Guest

Create New Topic As guest or Sign in

HTML tags are not allowed

Select

Assign topic to the user

  • Function segregation matrix in a small company

    Preciso de uma ajuda/dica, de qual a melhor maneira de conseguir formalizar uma matriz de segregação de função, numa empresa pequena.

  • Certificate Maintenance

    Hi Advisera Team,
    I have bought the ISO 27001& ISO 22301 toolkit and it's really amazing. I have some questions regarding the annual cost of the certification (22301).

    1 - The certification body has set 2 days for surveillance audit. what is cost for the second and third year and what is the cost of recertification (Roughly)?
    2 - What happens if for some reason the organization didn't pay for the annual subscription for two years for example and then wanted to re-certify after that.
    3 - Is there any hidden cost in the process of yearly audit and recertification audit?

  • 11.2.8 and 11.2.9

    Hello, dear Advisera support,

    I read description of these two controls:  11.2.8 Unattended user equipment and 11.2.9 Clear desk and clear screen policy.  What is the difference? Are they not the same? As I see, the Implementation method for us for these two controls is the same: Clear desk and clear screen policy.

    Thank you!

     

  • Mandatory procedures

    Como saber quais procedimentos realmente preciso escrever?

  • Offices within scope

    Do we have to put the exact location addresses of our sites that are within scope?

    We have quite a few offices so this would make the scope become a large document.

  • Questions for ISMS

    1. What is the ideal KPI's to measure the effectiveness of ISMS in an organization?

    2. Can the internal auditor participate in the ISMS activities and take some responsibilities e.g review Policies and standards, develop and create missing documents, be an ISMS Advisor...etc

  • Access control

    Today I consult a large institution, where we are equalizing control systems of logical and physical access, I am in search of content about physical access (standards, good practices, axes of analysis, premises), but it is a very complicated content to achieve .
    Do you have any indication of content?

  • Access control

    Hoje presto consultoria a uma grande instituição, onde estamos equalizando sistemas de controle de acesso logico e fisico, estou na busca por conteudos sobre acesso fisico (normas, boas praticas, eixos de analise, premisas), mas é um conteudo bem complicado de se conseguir.
    Voce teria alguma indicação de conteudo?

  • Implementing ISO 27001 in a greenfield

     sincerely hope my email finds you well and safe. Just want to pick your brain about implementing an ISMF in a greenfield site.

    1 - What are the key considerations when implementing an ISMF such as the ISO 27001 in a greenfield site – i.e. an organization where there are nothing in terms of security policy or practice. Would we go through the normal workflow of implementing ISO 27001 or are there deviations?

    2 - Can you suggest any additional resources I could use for greenfield implementation?
Page 128 of 544 pages