ISO 27001 & 22301 - Expert Advice Community


  • BCP Framework following ISO 22301

    I need to craft out the BCP Framework following the ISO 22301 standard for critical IT systems. How do I go about doing that?

  • Certified ISO auditor in the US

    I have an easy question for you. I am new to ISO anything. I like the way the framework is laid out. I have heard this framework (ISO 27000) is primarily used in Europe. I know ISO was started as a British standard, but is there a need to be a Certified ISO auditor in the US? Are American companies using or have to be certified under ISO? Since I live in the US, I am just wondering if it will help my career to take training and get certified.

  • ISO 27001 implementation

    How to install it, and what roadblocks have people experienced that delayed, or stopped, implementation?

  • Risk Statements

    Hereby a question on how to write good risk statements using the known ISO risk components from 27005, Annex D (Threat, Vulnerability). Various articles (e.g. ISACA) highlight a risk statement on the formula: [Event that has an effect on objectives] caused by [cause/s] resulting in [consequence/s]. Can that in the ISO world be translated into: Threat (that has an effect on objectives) caused by a vulnerability, resulting in a business consequence? So taking 27005, Annex D, the first row in the table, the Risk Statement will be: There is a risk of "breach of information system maintainability" due to "insufficient maintenance installation of storage media." This may lead to XWY. Or is it the other way round, that the risk is the "vulnerability"?

  • SAMA and ISO 27K: common control

    Can I understand the common controls between SAMA and ISO 27K?

  • A.11 Domain Requirements List

    Please, I want to know the specific requirements to achieve the A.11 domain of ISO 27001 certification. My organization is considering becoming ISO certified.

  • Controls for Stage 2 audit

    Hi, do I need to have implemented, and be able to evidence, all of the controls identified in the SoA for the Stage 2 audit, or can I state which ones are fully live and which are still in progress?

  • Annex 12-4

    Please sir, in the toolkit of ISO 27001 under the Annex 12-6 there is a table for the level of logging by device type. Please can you throw more light on this for me?

  • ISMS system

    Thanks, Dejan. This is useful. Usually, most companies would have their best people in front of the customers. Sadly when it comes to implementation they are not around and the entire activity is left to inexperienced folks who usually go by the book.

    1. What ISMS documents do the auditors look at? Or, to say, which document is critical to ISO certification? We have put in place an ISMS. We are yet to perform a gap assessment to evaluate how far we have progressed in the journey. To me, this is the time (prior to the gap assessment and then certification) to assess how much of what we have written is applicable, i.e. of relevance in the context of changing business requirements and the organization's appetite for investment, and then amend the ISMS to appear more practical.

    Is the above-mentioned relevant?

    2. What ISMS documents do the auditors look at? Or, to say, which document is critical to ISO certification?

  • ISO 27001 certification

    How can I get certified within 3 months?