It appears that the referential of documents for ISO 27001 relates to 2013. Certification bodies are targeting to certify the latest (2017) version. What is the position of Advisera regarding this gap with the Conformio set of docs?
Documenting controls
In 27001:2013 Annex A.9.4.2, it states that there must be a secure log-on procedure as dictated by the Access Control Policy. If my secure log-on procedure is captured in a "policy" document instead of a "procedure" type document, is that wrong?
Certification in multiple geographic locations
We are trying to figure out what support is required and what steps need to be taken to become certified in multiple geographic locations.
BCP/BIA templates
I have purchased the ISO 27001 toolkit, looking currently for the BCP/BIA one.
ISO 27001 and ISO 22301 communication plan
I am busy with ISO 27001 and 22301 audits, and the auditor is asking for a Communication Plan and I can’t find one. Do you have a template for an ISO/security Communication Plan?
Compliance with ISO 27001 and GDPR
"This Policy and the entire ISMS must be compliant with legal and regulatory requirements relevant to the organization in the field of information security, as well as with contractual obligations." - requirement in the Information Security Policy.
Risk Management and BCM
Do you have an example of an organization structure for BCM? What is the role of the Risk Management team during a catastrophe event? Is it just a part of the crisis management team, and also monitoring the implementation of the BCP, coordinating with the Emergency Response and Damage Assessment teams, or anything else?
BIA and risk analysis
In the BCP phases we found Phase 2: Perform Risk Analysis and Phase 3: Perform BIA. Is it mandatory to start with risk analysis, or can we start with BIA and then go to risk analysis? What is the best way?
Certification ISO 27001
A company that already has ISO 27001 is submitted each time to an evaluation to keep it. I work for a company that wants to be licensed in ISO 27002, 27001 and 27000; assuming the company achieves that, every time we submit to an inspection, do we continue keeping that ISO?
Questions to top management
What are the top questions the auditor can ask the top of information security management? 10 questions needed.