Rules for identification, collection and preservation of evidence
Where is my question (in which document): Rules for identification, collection and preservation of evidence (self-created);
Certification as a Lead Implementer and Lead Auditor
I'm currently working as the Senior Information Security Administrator for a XXXXX that will be undergoing its first ISO 27001 annual audit (initially certified last September) next month. For this reason the Internal Auditor Course has been invaluable, especially as I and my colleagues prepare for the audit, and I plan to take the exam and obtain the certification as soon as I complete the course.
ISMS measurement
I have a new job as Information Security Officer in a startup company in XXXXX. They have been preparing for ISO 27001 certification since last year. Last month, we had the Stage 1 audit, but with one major nonconformity and other minor ones. The major one is related to the measurement of the ISMS. Can you guide me on how to do it?
Incident management procedure
In that part of the document my question is: "Management of records relating to this document"
Cloud Services Agreement Guidelines
I noticed that the SOA (cloud version) mentions a doc called "Cloud Services Agreement Guidelines" a few times. I cannot find that document in any documentation kit. Is it an actual document?
Internal audit
1. Hello, I am struggling to close this NC 12.8 Review of information system. Do you have samples of:
Certification bodies
Do you have a list of audit companies that are familiar with cloud based assets?
ISO 27001 toolkit content
I am currently working intensively with your premium package and I am missing vital parts of the ISO 27001 appendix controls:
SWOT Analysis and ISO 27001
We are ISO 9001:2015 certified and we have already performed a SWOT analysis. Can we use this SWOT analysis for ISO 27001 or should the SWOT be more focused on security aspects?
ISO 27001 implementation
I only have a question, but not about the ISMS scope, because I was told by my friend that if I don't have any knowledge about project management and business analysis at all, ISO 27001 will be difficult for me to understand. He said that in ISO 27001 there is a part where you have to implement a project, and if I don't know anything about PM and BA I can't do that. So my question is: must I have knowledge about PM and BA before any ISO?