ISO 27001 & 22301 - Expert Advice Community

  • ISO 27001 Security Awareness Training

    Hi,

    Can your Awareness training cover some of your controls without the need to document them further? Say, for instance, I have a slideshow presentation and it covers media handling. Is it OK to say that the control is selected in the SoA and reference out to the training document?


    Thank you,

  • A-14.2.5 - Secure system Engineering Principles

    As per ISO27001, “Secure system Engineering Principles” is a mandatory document. I went via multiple threads in https://community.advisera.com as well. Any specific reason why Advisera doesn’t provide a template for the same in Toolkit in spite of being a mandatory document?

  • List of regulatory, contractual and other legal obligations

    I noticed that in some comments on the templates, the links that involve videos or articles to clarify the correct filling of the document are broken, especially those from *infosecpedia.info domains and in some cases from *iso27001standard.com.

    I would like to know what to fill in the columns of the "List of regulatory, contractual and other legal obligations"?

  • ISO 27001 RACI Matrix

    In order to establish the responsibilities of ICT and Information Security, I would like to know whether you have perhaps already prepared this type of document, please. Thank you very much.

  • Annex A

    Hello, I bought ISO27001 full package documents.
    I'm wondering if all of the items in Annex A are mandatory?

  • Internal Audit

    In reference to your conversation, could you please advise who should approve the Internal Audit?

    We have a CSO and an AVP, Info Sec.

  • Logical return to work process

    I have been utilizing the ISO 22301 documentation extensively that I purchased via your company a while back. I used it to prepare our planning and it has proven very useful.

    One aspect I am struggling with though and wanted to ask your feedback. I cannot see a logical return to work process/checklist amongst the documentation. I am clearly thinking ahead to how our business will return to business as normal but in a logical/structured manner.

    Is this something you can help with? Even better if pandemic related?

  • Software Development Security

    I have some clarification with regards to A 14 Domain.

    1. Why ISO 27001 documentation toolkit from Advisera does not have a template for “Secure Development Environment Guidelines”?

    2. We are a medium organization where we do limited development particularly customization of COTS software (Web Content Management {CMS} and Student Information Management {SIMS}). In this case how to analyze which A 14 controls will be applicable to our organization?

  • Business continuity in EU

    Hello, I am looking for laws and regulations on 'industry sector' and business continuity in EU.
    I am interested in BC of critical infrastructures in a big industrial organisation.