ISO 27001 & 22301 - Expert Advice Community


  • Implementing ISMS in other Business Dept.

    Hi, I have implemented ISO 27001 with the IT dept. as the scope, and I have successfully implemented it and got certified. Now I need to increase my scope to other departments. I need to know how I can do it. How will I do the gap assessment? What are the controls for which I should do the gap assessment, as most of the information processing systems lie within the IT dept.? What information do I have to protect, as the information within the other depts. will be confined to paper assets? Please advise me what approach I should take to extend my scope. Thanks
  • ISO and IEC

    Is it accurate to refer to the Standard as ISO 27001, whereas its reference number is ISO/IEC 27001?
  • ISO standard for publishing industry

    Is there an ISO standard for placing records and documents into different types of categories for the publishing industry?
  • Decommissioning Apps/Software

    Hi, where can I find good information on the process to follow when decommissioning apps/software/systems? I need something that aligns with ISO 27001. Thanks, Brian.
  • KPIs for ISO 27001

    Hello, could you please inform me what the mandatory KPIs for ISO 27001 are?
  • Supplier security

    In our company, internet service is provided from two sources, one of which is our interested party and the other is an ISP. The interested party is the top level of our company, and we don’t have any SLA or contract with them about the internet service. What’s your idea about this?
  • ISO 27001 / ISO 22301 Implementation Project Plan

    Would this (ISO 27001 / ISO 22301 Implementation Project Plan) guarantee ISO certification?
  • Implementation support

    Thanks for your reply. I am actually looking for implementation support for the following controls of ISO 27017: CLD.6.3.1, CLD.8.1.5, CLD.9.5.1, CLD.9.5.2, CLD.12.4.5, CLD.13.1.4.
  • Access control policy and password policy

    If we decide to have an Access Control Policy and a Password Policy, which sections of Annex A of the ISO standard are relevant for each document (which reference controls out of Annex A)? I’m having a hard time getting the right controls into each document. Of course you put them in each policy, but sometimes I’m able to delete one control out of the policy if I decide to have a separate policy for a specific topic. Maybe some have to exist in both documents; maybe some are enough if they’re just in one. Can you please list them quickly for me for each document?
  • Cyber attack security controls

    I would like to know which standard is responsible for identifying the cyber attack security controls and precaution measures: is it ISO 22301 or ISO 27001? In our organisation I manage the BCM department, which complies with ISO 22301; our IT team maintains ISO 27001; however, their BCP has been developed by us in collaboration with them. The plan is generic, outlining the response to any major incident such as loss of power, fire, cyber attack, etc. My new line manager is insisting that it is the BCM department's responsibility. I have a doubt and I need some advice.