ISO 27001 & 22301 - Expert Advice Community

  • Template content - awareness and training

    I have a question about the "plan for training and awareness". Out of the document, from the table:
  • Risks and ISO 22301

    I'm from Colombia and I'm trying to do a degree project in a consulting company. My question is: what risks can be prevented, or what risks found in the company can we control, with ISO 22301?
  • BCM policy and a DR policy

    I would like to know and understand the difference between a BCM policy and a DR policy. I am trying to develop a BCM policy for my organisation, so I would like to understand if I need to have both of the two policies in place or just one.
  • Controls to be implemented

    From the 114 controls, how many are mandatory to get an ISO certification?
  • Implementing ISO 27001 for outsourced SOC services

    I am looking at implementing ISO 27001 for an IT Service Provider who provides SOC services. The Service Provider has a separate team looking after Corporate IT. The scope of the certification is the services provided by the SOC.
  • Incident and Recovery Plan

    I have a question regarding the Incident and Recovery Plan. My assumption was the following:
  • Risk assessment for ISO 22301

    I am designing a complete end-to-end BCM project aligned with ISO 22301. I am just confused now regarding risk assessment. I do not know how to start it, because there is a dedicated function that is responsible for risk management; they have done their risk assessment and they have a risk register now. As a business continuity manager, do I have to conduct a different risk assessment? And what does it include?
  • Documentation content

    1. Risk Assessment Table & Risk Treatment Table: What if the risk is non-existent? Would we still have to document this? Let us say, for example, that gaining physical access to the cabling room (at the office) or the server cage (at the datacenter) is nearly impossible, because you need a badge for the cabling room and, aside from that, people in the company will see the unauthorized personnel. As for the datacenter, there are 4 security procedures / authentication methods to prevent unauthorized personnel from entering.
  • Providing SoA to customers

    I have a customer asking me to provide them my Statement of Applicability. Is that something that is customary to provide?