ISO 27001 & 22301 - Expert Advice Community

  • Adopting the ISO 27001 standard

    I have a meeting next week, the 27th, with the *** where I have been selected to present a technical overview to adopt the standard officially in *** for our Banking Sector and Auditing Firms. If I may ask, what would you suggest as a good platform to present to them a foundational background and why it is important for any organization to adopt the standard?

  • Business impact analysis

    Does the new ISO 22301:2019 make ISO 22317:2015 obsolete?
    In the new version of ISO 22301, risk assessment is connected with the BIA.

  • ISO Standards for HR Policies

    I am considering adopting ISO standards for HR Policies. Can you tell me why I should adopt ISO standards for my HR Policies?

  • Maintenance of ISO 27001

    1. I want to know the process of maintenance after the organization is certified with ISO 27001.

    2. How to maintain the documents, policies, procedures, etc. related to the ISMS?

  • Asset for Risk Assessment

    How do I know I have listed all assets for the risk assessment?

  • ISO 27001-ISO 27017 and ISO 27018

    Our company is ISO 27001:2013 certified and also attested to 27018 and 27017.
    The question is: if we move our apps into the cloud, will this revoke our certificate, so that we can not claim that we are ISO certified?!
    My personal opinion: no, we are still certified and will continue to be certified as long as all our security controls are in place and we are taking all necessary measures and keep monitoring the effectiveness of our controls.

  • ISO 27001 costs estimate

    I'm trying to figure out costs in relation to certification. I know there is a documentation cost (if we choose to go that way) and then there is a certification cost. However, I am struggling to get a sense of the total cost. We are a small *** company (less than 12 employees) providing a SaaS from a cloud hosted environment. For budget purposes, I just need a ballpark figure.

  • Document control

    Please advise on the following:
    For our document control and storage:

    We have created area called:

    ISMS Documents, which has 2 sub folders:
    a. Confidential Folder
    b. Non-Confidential Folder

    We have external contracts, and then we have our own contracts, which are created internally.

    All our contracts are stored under "Non Confidential/Contracts". Would we need to be able to identify internal from external?
    How does one manage this, as internal contracts need to follow a history change table, whereas external contracts are dependent on and controlled by the external party?

  • Clarification of terms used in ISO

    Hi there, generally speaking, does ISO still use the term observation or is the term Opportunity for Improvement used now?

  • Gap analysis

    1. I have a question to ask. Do we do the gap analysis first or the IT risk framework?

    2. Which is easier to do? Looking forward to your feedback.