ISO 27001 & 22301 - Expert Advice Community

Home / ISO 27001 & 22301

Discussions

Top Contributors

Expert

Rhand Leal

4151
Discussions
Expert

Carlos Pereira da Cruz

1915
Discussions
Expert

Dejan Kosutic

365
Discussions

Most Popular Tags

Product: Conformio Product: ISO 27001 Documentation Toolkit Product: ISO 13485 & MDR Integrated Documentation Toolkit ISO 27001 Product: ISO 27001 & ISO 22301 Premium Documentation Toolkit Risk Assessment ISO 9001 Product: ISO 13485 Documentation Toolkit ISMS Internal Audit register of requirements Product: ISO 27001/Risk Assessment Table Product: ISO 27001 & ISO 27017 & ISO 27018 Cloud Documentation Toolkit Product: ISO 27001 Internal Auditor Course Product: EU GDPR Documentation Toolkit
Select
CREATE NEW TOPIC +
Guest

Guest

Create New Topic As guest or Sign in

HTML tags are not allowed

Select

Assign topic to the user

  • Documenting ISO 27001 and ISO 22301 documents

    Hello, I have a question, I have read the list of documents in which are detailed which are mandatory in 27001 and which in 22301, in my case. We only carry out those that are obligatory but, I do not understand if I have to do them in duplicate for each one of the rules or if you only have to make a single document naming the two norms in the same or on the contrary you have to make a document for each one of the standards, specifying that it is the SGSO and of the SGCN. Can you confirm it please? Thank you.

  • BCM template content

    I would like to clarify a few questions regarding the BCM template “22301_25999_En templates” which we bought:

  • Information classification policy

    I need help on Information Security Classification Standard how can i do first draft and important materials.

  • Pre-certification audit

    How does a pre-certification audit (gap-analysis) differ from stage1 audit?

  • Defining controls

    Our company has a platform developer team and web designer. For the sake of information security, do we have to isolate their work space (physically) ? Like put them into a restricted accessible room?

  • Documenting roles and responsibilities

    We have implemented ISO 9001:2015 ans 27001:2013 standard in our organisation. I have one doubt.

  • Risk Assessment Table template

    We can not find an "impact" column in Risk Assessment Table.

  • Information assets

    Please help me with information assets.

  • SOA question

    I am going through the ISO 27001 documents with the assistance of your great templates. Support advised me that I can email you with a question. I'm wondering if the vast majority of the 114 controls in the SOA typically need to be used in order to meet the compliance requirements. If the risk assessment identified that only 20 controls are required, could the remaining controls be set to "No" in the SOA? -then how would you justify that it wasn't required.

  • Controls in SoA

    I'm wondering in the statement of applicability, in order to get certified is it mandatory to implement almost all of the controls? Like if I exclude half of the controls because they aren't identified in the risk assessment, is the auditor going to say that isn't acceptable?
Page 239 of 544 pages