ISO 27001 & 22301 - Expert Advice Community

  • ISMS audit

    How do I perform an ISMS audit with efficient suggestions to consultant and client to ease the gap on the risk and controls in the standard?

  • Planned implementation of changes to ISMS

    I bought the new kit for 27001/2022. I'm missing a document on the new chapter in the documentation

    Chapter 6.3 Planned implementation of changes to the ISMS.

    When will something be added?

  • Toolkit documentation

    Which document in the toolkit is relevant to clause A.7.5 (Protecting against physical and environmental threats)? And to A.7.8 (Equipment siting and protection)?

  • DR distance

    What's the distance for a disaster recovery site?

  • Lead Auditor certification

    I obtained a certificate through Advisera.
    I’m working at a certification body and am gaining experience.
    But I understood I need to send my certificate somewhere to become accredited.
    Can you please elaborate on that?

  • Documentation hierarchy

    I'm interested in applying MS documentation hierarchy according to ISO 10013:2001; please address this and in relation to this now being a withdrawn standard.

  • Information Security Policy Creation

    I would want to know examples of Information Security Objectives which are measurable. I am in the process of coming up with the IS Policy using your template.

  • Statement for logs retention periods regarding critical assets

    Hi! I would like to know whether in ISO 27001 from 2022 there is a statement for logs retention periods regarding critical assets? I would like to know what are the minimum requirements (meaning minimum time periods) for keeping logs containing critical data.

  • ISM Policy

    I am working on the ISM Policy and would like to know which other objectives we can put which are measurable besides the generic ones?

  • Custom Control Creation

    Having operating system software and databases that are at the end-of-support life cycle is a serious and ever-present vulnerability in any IT operation. I do not find this vulnerability in Conformio. I then tried to create this vulnerability, but I could not find a suitable Control from the list that is presented for selection. Conformio does not allow me to create a new control. Software and Database maintenance updates would be an appropriate control. This also applies to the vulnerability of using software that is not current. Please advise how I should proceed to create this new vulnerability.
