ISO 27001 & 22301 - Expert Advice Community

Home / ISO 27001 & 22301

Discussions

Top Contributors

Expert

Rhand Leal

4151
Discussions
Expert

Carlos Pereira da Cruz

1915
Discussions
Expert

Dejan Kosutic

365
Discussions

Most Popular Tags

Product: Conformio Product: ISO 27001 Documentation Toolkit Product: ISO 13485 & MDR Integrated Documentation Toolkit ISO 27001 Product: ISO 27001 & ISO 22301 Premium Documentation Toolkit ISO 9001 Risk Assessment Product: ISO 13485 Documentation Toolkit ISMS register of requirements Internal Audit Product: ISO 27001/Risk Assessment Table Product: ISO 27001 & ISO 27017 & ISO 27018 Cloud Documentation Toolkit Product: ISO 27001 Internal Auditor Course Product: EU GDPR Documentation Toolkit
Select
CREATE NEW TOPIC +
Guest

Guest

Create New Topic As guest or Sign in

HTML tags are not allowed

Select

Assign topic to the user

  • Privacy of customer data

    We are providing cloud hosting services to various companies, and we do not know which kind of data they are processing on our servers. How do we fill out the Policy for Data Privacy since we do not have access to our customer data?

  • Becoming an ISO 27001 consultant

    1. I am at a cross road in my 30+ year career in Accounting and I'm looking for a change. What are the requirements to become an ISO 27001 lead implementer and how can I become an independent consultant?

    2. Will your course prepare me to take the ISMS with Exemplar Global?

  • Roles and Responsibilities of the Board in Cyber Security

    I will appreciate any input to a paper I am writing to the board on the ‘The Roles and Responsibilities of the Board in Cyber Security.

  • Requirement from ISO 27001 for calibration

    Is there any specific requirement from ISO 27001 for calibration?

  • Independent review

    Can this requirement for 'Independent Review' be satisfied internally? That is, review of the ISMS policies and procedures by an in-house team that is not directly attached to the ISO 27001 effort?

    Can this requirement be satisfied through the ISO 27001 Certification process, citing the 2 minor audits between major certification as our Independent Review?

    Otherwise, what is the best course of action to meet this requirement, and could we gain and keep certification without using this control?

  • Corrective Action Plan

    I have a confusion on CAP sheet, is this made after audit or can it be included in the Audit Sheet or is it completely separate? (Read https://advisera.com/27001academy/blog/2013/12/09/practical-use-of-corrective-actions-for-iso-27001-and-iso-22301/) but not able to clarify.

  • Risk assessment and risk treatment methodology

    1. As per our meeting yesterday, you have suggested to calculate risk value as Impact + Threat + Vulnerability. How do I scale Threat and Vulnerability?

  • About sending project proposals

    Certain questions are confusing sometime... It depends how do you look at them...For example, see the following question...(Under Module 7, practice exam, last question).

  • Certification audit questions

    I have 2 questions:

  • CISA and ISO 27001 Lead Auditor

    I have more than 20 years IT experience, with 10+ years managerial experience. I am still working as an IT Manager, but strongly feel the need to prepare for the next level of my career, to change to infosec by getting a job with a Cyber security company before a final career switch into infosec consulting.
Page 224 of 544 pages