ISO 27001 & 22301 - Expert Advice Community

  • GCP security controls which comply with ISO 27017

    Can you advise me on GCP security controls which comply with ISO 27017 with respect to application-level security? Could you please help me with that? It would be a great help for me.

  • Control number A.8.1.3

    What does acceptable use of assets intend to say in control number A.8.1.3?

  • Making evidence to RPO and RTO

    Could you help me understand how I can make evidence for RPO and RTO?

  • Impact details for each ISO 27001 control

    I want impact details for each ISO 27001 control.
    I need impact details for all 114 ISO 27001 controls if not implemented.

  • No data security clause in existing employee and commercial contracts - should we send an addendum to all contracts?

    I have assumed that it is recommended to have a clause referencing data security in employee and commercial contracts with suppliers and clients.

    We therefore have an action to create a new standard contract for employees, suppliers and clients to include the new data security requirement.

    However, my question is, what is the recommended approach for existing employees, suppliers and clients whose contracts do not include the necessary data security clause? Should we be sending an addendum to the contracts? Is it recommended that we do this as part of our ‘treatment’ action on the data security risk that employees, suppliers and clients alike pose to our business?

  • Identifying the changes in ISO 27001 scope

    My organization is certified for ISO 27001:2013.
    We are planning to shift some of the on-prem applications to cloud (public cloud with virtual private cloud).
    I request your help in identifying the changes in ISO 27001 scope.
    What clauses and controls do I need to check at "on-prem" as well as "cloud"?