I would like to know a little about systems audits: how control domains are evaluated and what each control domain consists of.
Implementing ISO 27001
I'm planning to implement ISO 27001 at a friend's company, which is a security guards company. He wants to get certified and be a pioneer, but I don't know how to apply the ISO to his specifics. Can we apply any point of the ISO to physical guard security?
Audit questions
Two quick questions, if I may. I have an argument with the certifier (who in the end is always right…)
Employee private devices
Should we include the (private) devices (mobile phones) of our employees in the asset register? In the scope document we have referenced that all assets in the asset register are within the scope. The employees access e-mails via the outlook app and therefore have information of the company on their devices. Is there any up/downside to adding the mobile devices? It would be around 20 devices.
Career on information security
I can't find any medium or big companies regarding ISMS, so how can I start my career in ISMS?
Media and assets
I'm just an information security management student, and I have a question about ISO 27001. Sometimes in ISO 27001 they talk about media and sometimes about assets, like the disposal of media and the removal of assets. What is the difference between "media" and "assets"?
Risk management
A risk consultant whom I support with IT security matters (an area in which I am his client) has asked me to contribute input to include in his syllabus on RISK MANAGEMENT IN THE DIGITAL AGE. I would be grateful for any information you can share.
ISO 27001 and ISO 9001
Can ISO 27001 be integrated with ISO 9001?
Risk review
We have been ISO 27001 certified for 4 years now. We have had generally the same risks each year, and the existing controls are sufficient in mitigating them. At this point, we're really struggling to identify new risks to mitigate and apply a risk treatment to each year. In your experience, is it possible to get by with just "existing controls are sufficient in mitigating this risk" for all risks that need mitigating? Or is it an absolute must to show a current risk treatment plan each year?