ISO 27001 & 22301 - Expert Advice Community


  • ISMS Risk Assessment & COSO Enterprise Risk Management

    Is there anyone who has implemented COSO ERM and ISMS together? Can you use COSO ERM to do the ISMS risk assessment? Can someone share how it is being implemented? Do you use any tools?

    Can ISMS use its own risk assessment methodology and approach that is different from COSO ERM?


  • Analysis with each standard and implementation

    How do you assess what to charge for the analysis against each standard and for the implementation?

  • Vulnerabilities

    Hello Advisera Team,

    I have a question about Vulnerabilities in Risk assessment in ISO 27001: is it something which already has place, or something which could potentially happen in the future?

    I mean, in your example below, if we have UPS, fire extinguisher, and fire protection, are all those risks not relevant for us? So we don’t enter them in our Risk Assessment Table?

    https://i.imgur.com/5JLEMo8.png

  • Should the champions be the head of departments?

    Hi, I have recently been appointed as the ISMS lead in a small university. Currently trying to appoint the champions to work with. Should the champions be the head of departments or can I appoint other members of the department?

  • 27001 or NIST for Local Bank

    I would like to ask a question on how to implement the best security policy for my bank, as we have just created a new Security Unit and I will handle this team.
    First, we are thinking of an IT policy, a security framework, compliance with legal requirements, a SIEM, and a SOC. Is this the best approach?

  • Collection of evidence

    Can you please explain the implementation of the point mentioned in the document A.16_Incident_Management_Procedure_27001_EN?

  • Scaling implementation of ISO 22301 to facilitate implementation

    How can we best scale the implementation of ISO 22301 to facilitate implementation in a range of countries and locations ranging from countries with a presence of approx. 10 people to countries with >10,000 people across multiple business streams and locations?