ISO 27001 & 22301 - Expert Advice Community

Home / ISO 27001 & 22301

Discussions

Top Contributors

Expert

Rhand Leal

4151
Discussions
Expert

Carlos Pereira da Cruz

1915
Discussions
Expert

Dejan Kosutic

365
Discussions

Most Popular Tags

Product: Conformio Product: ISO 27001 Documentation Toolkit Product: ISO 13485 & MDR Integrated Documentation Toolkit ISO 27001 Product: ISO 27001 & ISO 22301 Premium Documentation Toolkit Risk Assessment ISO 9001 Product: ISO 13485 Documentation Toolkit ISMS register of requirements Internal Audit Product: ISO 27001/Risk Assessment Table Product: ISO 27001 & ISO 27017 & ISO 27018 Cloud Documentation Toolkit ISO Product: ISO 27001 Internal Auditor Course
Select
CREATE NEW TOPIC +
Guest

Guest

Create New Topic As guest or Sign in

HTML tags are not allowed

Select

Assign topic to the user

  • Implementation of the ISO 27001

    My name is *** and I am the Quality Assistant of our *** Manager, ***.

    I will be investigating the implementation of the ISO 27001 with a group of colleagues and will report to ***accordingly.

    First I’d like to thank you upfront for sharing your expertise and information below to hopefully help us decide to purchase this toolkit.

    We are very interested in your toolkit below yet some topics crossed our minds of which we are curious to know before purchasing.

    Since we are already certified for ISO 13485 I was wondering how this could be of advantage to us in implemented the ISO 27001 standard.

    Therefore these questions raised:

    1 - For instance, would it be sufficient for us to adjust certain procedures we already have because of this? Besides creating new ones that are required of course.

    2 - Is integrating ISO 27001 into our Quality Management System possible?

    3 - Does a gap analysis exist between ISO 13485 and ISO 27001 and if so, has it already been made?

    4 - Is this kind of information also addressed extensively in your toolkit?

  • Vendor Reviews

    I work for ***, which provides software and services to help companies do webinars. I'm trying to figure out if certain companies that we use their services need to be on our Vendor Log, and if we need to perform periodic vendor reviews for them, etc. It is clear to me that our Key Vendors and all vendors who interface with our software would need to be included. But what about companies like ***, who helps us manage our social accounts? It is not clear to me where the line is in cases like this. Thanks very much.

  • Implementation difficulties

    What do most people find most difficult to implement

  • PIMS

    What is the best way to be adopted in an attempt to establish an effective PIMS based on ISO 27001 and ISO 27018 and perhaps consider ISO 27701

  • Risk owner

    Assign ownership and accountabilities for strategic, aggregated, dynamic risks

  • Skipping certain blocks in the document templates

    Dear Dejan,

    We started working with Conformio, and first of all: I think it’s very useful! Thank you for it.

    I just have a question: I noticed all document templates have a block with “code, version, date of version etc” and later on a block with “change history”. This doesn’t make sense to me, since we are already using Conformio as a document management system where these things are already properly documented for each file. Can I remove these in my documents?

    I am asking this because I want to make our documents as short as possible, so our employees actually do read them (the more unnecessary info the more distraction and I’m afraid they will scroll rather than really read). Therefore, I would also like to skip the “reference documents”. Is that allowed too?

    Thanks for your advice.
Page 134 of 544 pages