ISO 27001 & 22301 - Expert Advice Community


  • Where do you see ISO 27001 in the future?

    Where do you see ISO 27001 in the future compared to the more widely known standards such as ISO 9001 and ISO 134001? Will it be the most important standard in the future due to the change in working routines?

  • Interested Parties

    I am currently writing the document for interested parties (ISO 27001:2013). Is it mandatory to write the names of the clients, or can we just categorize them as "clients" or "food clients"?

  • Annex A.17.1/2/3

    To explain what Annex A.17.1/2/3 really means and what is required to show compliance

  • Data integrity

    1. How can ISO 27001 ensure data integrity in a company that needs to create all of its security policies from scratch?

    2. Is the return on investment of an ISO 27001 project feasible?

  • IS responsive culture

    What can be done to get the company on board to build an IS responsive culture and to be proactive in this matter?

  • Are we allowed to change ISMS policies on our own

    We want to make some changes to our policy before our first surveillance audit. We have the ISO 27001 certificate now. Can we simply change the policy on our own without informing anyone?
    Are we allowed to change ISMS policies on our own?

  • Risk Assessment - Defining asset ownership

    When defining asset ownership, would it be correct to set the company board / managers as the owners of some of the assets such as contractors or employees?

  • Communication Security

    I want to know how to document network controls when we don't have a specific server for our company connecting the computers.
    All our databases are cloud based, so we don't require a server. Can I exclude A.13.1 fully?

  • ISO 9001 + 27001 + 22301 implementation

    1. I would like to implement ISO 9001 + 27001 (+ 27002 + 27031) + 22301 (+ 22313) all at the same time within the same company. I know there is quite a lot of overlap between these standards, but what would you advise we use as a starting point? Should we start with 9001 and add on all of the additional requirements from the other standards, or start with 27001...? What would you recommend?

    2. Is there some sort of overview available of the overlap and differences between these standards?