ISO 27001 & 22301 - Expert Advice Community

Home / ISO 27001 & 22301

Discussions

Top Contributors

Expert

Rhand Leal

4151
Discussions
Expert

Carlos Pereira da Cruz

1915
Discussions
Expert

Dejan Kosutic

365
Discussions

Most Popular Tags

Product: Conformio Product: ISO 27001 Documentation Toolkit Product: ISO 13485 & MDR Integrated Documentation Toolkit ISO 27001 Product: ISO 27001 & ISO 22301 Premium Documentation Toolkit ISO 9001 Risk Assessment Product: ISO 13485 Documentation Toolkit ISMS Internal Audit register of requirements Product: ISO 27001 & ISO 27017 & ISO 27018 Cloud Documentation Toolkit Product: ISO 27001/Risk Assessment Table ISO 9001:2015 ISO27001
Select
CREATE NEW TOPIC +
Guest

Guest

Create New Topic As guest or Sign in

HTML tags are not allowed

Select

Assign topic to the user

  • Information Asset Register

    How crucial is the creation and ongoing management of the Information Asset Register in obtaining ISO 27001 certification?

  • Project to implement ISO 27001

    ¿Cómo plantear y vender a nuestro cliente el proyecto para implementar ISO 27001?
    Estamos en la ***

  • Combining ISO 27001 with other standards

    Con qué otras ISOs se podría complementar?

  • Help with ISO 27001 implementation

    Dear Advisera Support Team

    I have just purchased your "ISO 27001/ISO 22301 Risk Assessment Toolkit English" because I really find your concept practical according to the free downloadable materials on your website. Unfortunately after having looked through all the contents of the package, I am not fully satisfied with the purchase while expected more examples related to the asset-threat-vulnerability approach as written here in this site:

    Diagram of ISO 27001:2013 Risk Assessment and Treatment process (advisera.com)
     
    Could you please help me out? What I am looking for is more examples like this, something like a collection which ISO controls could address which threat and vulnerability types, a matching table would really help me. I would like to seek your support and advise here, especially when the assets would be infrastructure elements like a Domain Controller or a VPN gateway.

  • The best way to include “evidences” of policy implementation

    Thank you for this mail. I’m currently beginning redaction of the first documents and follow your online training. As I’m very satisfied of both ,  I’m also studying the opportunity to take a company account on advisera training for our employees awareness training.

    After hours of reading and watching the very complete content of your website (blog, videos…) I don’t have any questions requiring a meeting, except one you could surely answer by email : what Is the best way to include “evidences” of policy implementation (screenshot, configurations … showing that a rule or control is implemented) ?

    • put them in a folder listed in the record part of the document (one folder by audit date ?) and put link to invidual files in the document (difficult to handle as folder is not always attached to the document, especially when sent to employees who don’t need to have such evidences)
    • put them in aforementioned folder, but without any link ? but this way it could be difficult to see which file corresponds to which rules/ controls
    • other way ?

    Once again, thank you very much for the quality of your service

  • ISO 27001 certification

    I am an *** Branch of a Foreign entity doing business in ***, my foreign parent has taken iso certification. So by being the branch of this foreign entity do I have to apply for iso certification again in ***?

  • Meaning of Bomb attack and bomb threat

    what's the meaning of Bomb attack and bomb threat? they mean logical bomb such as (DDOS,...)

  • Roles and Responsibilities

    Is an obligation define roles and responsabilities for TI in a Company with different Areas or Department? and that roles must be included in the Organizational Chart?
Page 136 of 544 pages