A tabletop test seems a little too sterile and would not necessarily expose embedded organic issues. What would your version of the Kobayashi Maru test be?
Topics for auditing a datacenter
What factors need to be considered, or rather, what should be done if we are to audit a datacenter?
Intellectual property rights
1) Intellectuele eigendomsrechten (Dutch translation of Intellectual property rights) is the law that we have in Belgium. In this case there are two things that I'm thinking of:
Policy levels
I am still working through the questionnaire, just finishing a few areas off. Would you be able to tell me if I need two information security policies? I am reading the standard and it says a higher level and lower level.
Validity of a LA certificate
My ISO 27001:2013 LA certificate has expired. I wanted to know: does an IRCA-approved LA certificate have an expiry? Also, ISO standards are changed every 5 years. Shall I go for the LA course now or wait for the standard to change?
A.13 security controls from ISO 27001 Annex A
Can you tell me the difference between these 3 sections: A.13.1 - Network security management, A.13.1.1 - Network controls, and A.13.1.2 - Security of network services?
How to fill in "Requirement" column
'Requirement' does not sound very clear to me, what do we have to put in this column?
How to fill Statement of Applicability
I need your help in linking the document "6_Statement_of_Applicability_Cloud". I need to complete section 3.1
List of Legal, Regulatory, Contractual and Other Requirements
List of Legal, Regulatory, Contractual and Other Requirements: Can we write this in the requirement tab for 'Intellectual property rights'? Users must not make unauthorized copies of software owned by the organization, except in cases permitted by law, by the owner, or by the CTO. Users must not copy software or other original materials from other sources, and are liable for all consequences that could arise under intellectual property law.
ISO documents for IT
1. Our company has ISO 9001:2015; however, as the IT Department, we are constantly audited beyond the scope of ISO 9001. For that reason, I think that ISO 27001 documents are the ones we need to cover everything and anticipate future audits. My requirement for reports is to know if a procedure exists for report requests from IT and the restrictions that follow these procedures.