ISO 27001 & 22301 - Expert Advice Community

  • List of legal requirements

    I have a question regarding the list of legal requirements. Do we need to include clauses from contracts with our employees such as “the employee will return all confidential information to the company upon termination of employment”? If so, please could you show me how this would be recorded in the form provided.
  • Auditing BCP and DRP

    Any advice on auditing Business Continuity and Disaster Recovery Plan?
  • High Risk Appetite

    Hi. If the CEO of a company is claiming that they have a high risk appetite, can I, as a Risk Practitioner, convince him that they actually have a low risk appetite? Or what are the ways and options to prove him wrong and that actually his company cannot tolerate more risks? Please advise.
  • Managing regulations of different countries

    I'm working on a project wherein the regulatory requirements of a financial institution need to be documented. Create a Center of Excellence where employees facing regulators from different countries where the organization is located can look and get information. How can you help?
  • Surveillance audit schedule

    Please let me know if there is a list of what is being audited in the audit after a year by the certification house. I mean auditing one year after ISO 27001 has been introduced. What is being done and checked, or is it individual, depending on the auditor's assessment? We are a smaller company (approx. 10 employees).
  • List of Legal, Regulatory, Contractual and Other Requirements

    I'm working with a client in implementing ISO 27001. I was trying to explain to him that they need to have a list of interested parties, legal and contractual requirements, but I was wondering if you could send me an example of such a document, i.e. partially filled out, so I can better explain this to him?
  • Audit evidence and management review purpose

    1. Is it required to show the VA/PT results to ISO auditors?
  • Developing an ISO 27001 project

    How can I fill out this document? Any examples? In the Word document that I downloaded, it only sends you to the page of the theory but does not say how to fill it out. It is the Project checklist for implementation of ISO 27001.
  • ISO 27001 benefits

    The most difficult part I have found in the implementation of Information Security is to be able to convince the Directives that the adoption of ISO 27001 is something important for the Institution. Any ideas?
  • ISO 27001 consultant's questions

    1. It would be very advantageous for my clients to do a self-assessment against each of the statements within ISO 27000, i.e. for the level of Importance and Rating (Current State and Future State). Could you let me know what the restrictions are regarding this, or is this something offered?