ISO 27001 & 22301 - Expert Advice Community


  • 27001 or NIST for Local Bank

    I would like to ask a question on how to implement the best security policy for my bank. We have just created a new Security Unit, and I will handle this team.
    First, we are thinking of IT policy, Security Framework, Compliance with legal, SIEM, and SOC. Is it the best approach?

  • Collection of evidence

    Can you please explain the implementation of the point mentioned in the doc A.16_Incident_Management_Procedure_27001_EN?

  • Scaling implementation of ISO 22301 to facilitate implementation

    How can we best scale the implementation of ISO 22301 to facilitate implementation in a range of countries and locations ranging from countries with a presence of approx. 10 people to countries with >10,000 people across multiple business streams and locations?

  • ISMS scope - IT admins out of the scope?

    Dear Advisera support,

    We’ve bought the toolkit – thank you! – and I have a couple of questions regarding ISMS Scope:

    1. We want to restrict the scope to one software support service only. There are about 100 employees working on this support service with customers. Could we define the Scope as a service?
    2. There are 5 office locations. Should we name exact addresses or just cities?
    3. There are two servers in the cloud for the service, they are administered by our IT admins, so they are asset owners for them. The question is: can IT system administrators be not in the scope? Or should all the assets/asset owners be in the scope?

  • Conducting ISO 27001 to multiple organizations from one platform

    We are an IT company conducting ISO 27k to multiple organizations, can we manage all from 1 platform?