What are the processes involved in an ISMS for security personnel?
Risk assessment and treatment
I would appreciate it if you could clarify something for me:
SOC 2 and ISO 27001
XXXX is a principal in a DevOps company that was looking for some help on a SOC 2 issue. I remember you are more of an ISO specialist, but perhaps there is some overlap?
Residual risk
I am busy with the ISO 27001 risk assessment and just want to find out whether I should calculate the residual risk based on the treatment plan, which has not been implemented yet, or whether I should wait for the treatment plan to be implemented before populating the residual risk.
Template content
1. Items A.18.2.2 and A.18.2.3. What policy can I use to cover these two points? I could not find any documentation in the toolkit.
Section A.18.1 Compliance with legal and contractual requirements
I would like to know which form I should use to fulfil this requirement.
BIA questions
I was going through some of the templates we purchased under the toolkit with the implementation team, one of which is the BIA questionnaire. We would like to know if you have a list of definitions for the questions in the BIA template, as we want a common understanding of each question. Examples are shown below.
ISMS vs ISMF
Can you tell me what the difference is between an information security management system and an information security management framework?
Document review
I would just like to ask what the most appropriate document review frequency for ISMS policies and procedures is: should it be yearly or bi-yearly?
Audit standard
I have started my career as an information security consultant, where I will be part of audits and risk assessments.