Guest
Great stuff on BC and others. I have a question. When IT has an RPO and RTO and the other activities do too, how does IT prioritize the individual systems within each activity that IT has to enable?
I understand that your illustrations accounted for the overall activities. Like restoring loans or the payment processing departments and which to do first. But what if within the payment processing department there are process priorities? How does the IT department know which system to enable first within the payment processing processes?
Or am I getting too granular?
We need to certify our company in secure data erasure, whether by software methods or by disk destruction, so that we can demonstrate or certify that the data is unrecoverable for the machines decommissioned by the client.
I was wondering if you can help me with the document "A.8.1_Inventory_of_Assets_27001_EN". I am wondering what goes under "Impact" as this part is not clearly explained.
If I buy the ISO 27001 Toolkit, do the templates take into account an integration into an already implemented ISO 9001?
My company has purchased your workshop and documentation toolkit for the ISO 27001 Implementation. We are working on the documents and the statement of Applicability is posing a real challenge.
One thing though I want to be clear on, in your documentation, folder 02 (General policies), I see the information security document which is a relatively short document and not very detailed. However, in the statement of Applicability, I see reference is made many times to the IT Security Policy, which means it should be quite an extensive document.
Please, is the Information Security Policy the same as the IT Security Policy?
I have a question, about SoA and selection of control A.11.2.9 Clear desk and clear screen policy.
1. How much room is there for modifying the procedure concerning the control, if there is only need for the clear screen policy but no need for a clear desk policy?
2. Can one select the control as applicable on SoA and then write a procedure concerning only the clear screen policy (or if required adapt the clear desk policy only concerning specific areas such as conference rooms, reception area, etc.)?
How to make preparation in order to comply with ISO 27001:2018?