ISO 27001 & 22301 - Expert Advice Community

  • How to create item 4 of ISO 27001

    I am implementing ISO 27001 in the company I work for, but the spreadsheet created by the consultancy that serves us is based more on ISO 9001 than on ISO 27001. Is there another way to document this item, or would it be basically like ISO 9001?

  • Requirement for DR site

    I am looking for the requirement for the DR site to be at least 15km away from the main site.

  • Can we change the scope of ISO 27001

    I have a little problem, or a concept that I want to ask about, related to ISO 27001 scope and the ISMS.
    Let's say, for example, a new startup starts, and when they have 20 employees they try to certify themselves, and they get certified, and they certify the whole organization because their CEO thinks that it will help them in the market as well as in information security.
    And when they grow and have, for example, about 3000 employees, they understand that they didn't need to certify every area of the organization with ISO 27001, and they just want to change their scope from the whole organization to only the information about their employees and their customers. So, in the end, are they able to do that or not?
    I know I gave an example that we can't see in real life, but can we do that or not?
    Waiting for your reply.
    I hope you will understand what I want to say :)

  • Needs and Expectations of Interested parties

    Are needs and expectations the same or different for one interested party? If different, are the needs and expectations both the requirements for the interested party stated, for example the client? Or, in the case of the client, are the needs what the organization wants from the client, and the expectations what the client expects from the organization?

  • Information security policy in contracts

    Do the information security policies have to be explicitly in the contract, or is it enough if they are in the employee handbook?

  • Feedback on Cloud Computing

    What does ISO 27001 say about deleting information in cloud computing?

  • Training on ITIL

    Does having my whole IT team trained on ITIL help in getting 27001 compliance?

  • Table Top Exercise/Drill Validity in meeting ISMS Certification

    Our organization has achieved ISO27001:2013 certification for a few years. All the while, we have conducted the Full Testing for our IT DR drill. Recently, we switched to the Table Top or Plan Walkthrough for our drill. Would this meet the ISMS certification requirements during the surveillance audit? As far as I understand Annex A.17.1 of ISO 27001:2013, a performed test or drill is considered as already fulfilling the requirements.