Hi, what I am looking for is an extremely detailed description of each control catalog number (i.e.: A.5.1.1-1 or A.7.2.1-1 or A.10.1.1-1). So basically I am not looking for the policy but for an extremely detailed description on which the policy as an outcome will be based. I can send you 2 examples as I have finished with 2 but would need all. Do you have any package which contains those?
Procedure for document and record control
In reference to the procedure for control of documents and records, is it exclusively for documents that have to do with the ISMS or does it apply to all the documentation in general of the company?
Book Secure & Simple
How to coordinate the ISO 27001 foundation course study with the book "Secure & Simple"? Which method do you advise for that?
Toolkit content
1. Attached please see the Excel sheet and let me know if you have something like this in the toolkit or if it can be produced?
2. What goes in "Justification for"? (please see the png attachment)
Information classification
1. How do we decide which categories to choose for information classification like restricted, public, confidential, internal etc?
Use of Mobile Device and Teleworking Policy and Clear Screen and Clear Desk Poli
1. What I meant by restricting access in the following question "Do we really have to restrict access in case we'd like to access the information systems in the datacenter? We do have a Mobile Device and Teleworking Policy and Clear Screen and Clear Desk Policy which is being implemented." is the fact that the authorized employees can access the data from a distance (so they do not have to be in the datacenter). If we decide to include the datacenter in the scope and no other locations (home, office, etc.), the access in these other locations should be restricted. However, this is not going to make things easy for the employers and the employees because the datacenter is 71,5 km away from the office; this would mean that they have to travel at least 143 km every day.
Legal requirements identification
I am finding this one particularly difficult - we sell B2B a SaaS service in the five countries mentioned. All very standard really. I am sure all the requirements are common. You have one example: "Protection of intellectual property"
ISMS documentation
At what stage in the documentation is risk assessment carried out?
ISO 22301 documents and competencies
1. How ISO 23001 helps in reducing the dependence on individuals through
Certification process
I have a question about the certification process. Our company has 2 offices: one in London (UK) and one in Yerevan (Armenia). The Armenian company is xxx; 100% of its stock belongs to the UK company. Do we need the certification process for both companies, or only for our UK office? The aim is to have the whole company certified.