ISO 27001 & 22301 - Expert Advice Community

Home / ISO 27001 & 22301

Discussions

Top Contributors

Expert

Rhand Leal

4151
Discussions
Expert

Carlos Pereira da Cruz

1915
Discussions
Expert

Dejan Kosutic

365
Discussions

Most Popular Tags

Product: Conformio Product: ISO 27001 Documentation Toolkit Product: ISO 13485 & MDR Integrated Documentation Toolkit ISO 27001 Product: ISO 27001 & ISO 22301 Premium Documentation Toolkit ISO 9001 Risk Assessment Product: ISO 13485 Documentation Toolkit ISMS Internal Audit register of requirements Product: ISO 27001/Risk Assessment Table Product: ISO 27001 & ISO 27017 & ISO 27018 Cloud Documentation Toolkit AS9100 Product: EU GDPR Documentation Toolkit
Select
CREATE NEW TOPIC +
Guest

Guest

Create New Topic As guest or Sign in

HTML tags are not allowed

Select

Assign topic to the user

  • Details about Documents Assets

    I need details on documents assets. Do we consider the employee information spreadsheet also an information asset? Or is just the agreements, contracts etc, which are considered as assets? Please clarify.

  • ISO documentation

    When the organisation is certified with ISO9001 and 27001, and have all the required policies in place. Now that we are in a pandemic what are the documentation changes we need to make in order to accommodate changes like work from home, health and safety etc.

  • Asset movement register

    I want to make an asset movement register, but not getting a perfect idea of how I can make it? do we have any format! My only requirement is , in my company when some asset like laptop need to move on another department so that in such cases what register we need to made.

  • Root cause analysis and corrective action plan

    When we get ourselves checked for surveillance of ISO 27001 standard, we do receive non-conformities. We perform a root cause analysis and corrective action plan for the non-conformities and work to conform them. I would like to know if you have a template to perform the root cause analysis like the fishbone method etc.

  • Is ISO 27001 relevant for clinical data management?

    Is ISO 27001 relevant for clinical data management?

  • Audit and Risk Management

    I'm in the process of an audit for license and patch management for an internal audit...Which documentation is needed for such audit process?

  • Advice on ISMS implementation for Group and subsidiary companies

    Please I need some professional advice

    A holding/group/mother company with other legal subsidiary companies want to implement ISMS for the group with the scope including the subsidiary companies.

    The Group company and the subsidiary companies are all located at the same place

    The same staff works for both the Group company and subsidiary company

    They both share the same assets.

    But the subsidiary companies offer different products and services

    What do you suggest should be the best way to implement the ISMS towards achieving Certification?

  • Questions about risk

    1. What is the expected risk level of the residual risk? Assume acceptance is below 3, should a residual risk level be more than 3 having implemented all controls

    2. Clause 6.1.1 requires actions to address opportunities.
    a. What are opportunities -  in relation to ISMS
    b. What are the actions to address opportunities

    3. What determines likelihood of occurrence in risk assessment ? Is it the frequency for occurrence of an activity/process?
Page 138 of 544 pages