ISO 27001 & 22301 - Expert Advice Community


  • Management review policy

    I have just bought the full suite of ISO documents from you. There doesn't appear to be a specific policy regarding Management Review. In folder 11 I can only see the Measurement Report and Management Review minutes. Our auditor is asking for a policy. Does one exist?
  • Documents review

    There are some documents we have/want to review annually. How should we proceed if there is no change on the document? Shall we create a new version without modification? Shall we update the latest version date?
  • ISO 27001 Lead auditor course

    I have enrolled for the ISO 27001 Lead Auditor course and am doing the training. After completing the course, attending the workshop and passing the exam, will I be able to call myself an ISO 27001 certified Lead Auditor, or would I still be required to do some audits before I can do that?
  • ISO 27018

    We have a potential client interested in hiring us to deploy and manage an application stack within AWS. One request they have is for us to achieve a certification in either 27018, SOC2, or PCI DSS. I am looking for more information about the former.
  • Toolkit content

    I do have a couple of questions for you regarding the documentation in the toolkit. Hopefully you could answer these questions for me.
  • Exclusions from the ISMS scope

    We are implementing an ISMS for the web service. It uses the web portal where users can log in and move on further to use our service (let's call it serviceA) in scope. But the same web portal is also used for some other services (let's call them serviceB) which I don't want to be included in the scope. Different departments of the company work with those different services. So obviously I include the whole web portal in the scope, but I don't want to have the department which works with serviceB and has nothing to do with serviceA in scope.
  • Career on information security

    I have a total of 9 years of experience in an IT environment as a System Admin (Linux, Windows & Network). Now I am interested in pursuing a career in Information Security. I do not know what the first steps are to enter this field. How do I start, and from where? Which certification do I have to do?
  • Updated article

    Currently I'm working on clause 6, risk management. I saw a very interesting article with advice for smaller companies; the link is below. I saw that the article was written in 2010. I was wondering if it is still applicable to the 2013 version of ISO 27001? https://advisera.com/27001academy/blog/2010/02/22/risk-assessment-tips-for-smaller-companies/
  • Controls information

    I would like to obtain information on Domain A5, A5.1, A13, A13.2, and A13.3.