I am very much interested in becoming a Trainer/Auditor/Expert in ISO 27K. I'm an ISO 9001 Expert and have been auditing with SGS for the last 8 years. Could you please advise on the best pathway?
ISO 27001 clauses 6 and 8
As per ISO 27001:2013, Clauses 6.1.2 and 6.1.3 speak about information security risk assessment and treatment, while Clauses 8.2 and 8.3 also explain the same security risk assessment and treatment. Can you please explain the requirement of each clause (6.1.2, 6.1.3, 8.2 and 8.3), and whether they are the same or have different requirements?
Identifying legal requirements
1. Law scope - Legislation and Regulation Record - What is the accurate scope and commitment of Advent One in the legal context domain?
BCMS mandatory and non mandatory documents
Can the non-mandatory BCMS documents be treated as supporting documents to the mandatory ones?
Smartphones in an ISMS environment
If we allow smartphones inside our office environment, how can we achieve compliance with ISO 27001? What procedure do we need to implement to become compliant?
Template content
On the link which I've mentioned below I see that "Operating procedures for IT management" are mandatory. Isn't this supposed to be ICT instead of IT?
ISO 27001 update
1. Is there any news on when the next version of ISO 27001 will be released? Is there any blog on Advisera about that?
Filling template
What is the meaning of the "impact" column? Which data should go in there? E.g., if I capture the group "Desktop PC", what "impact" would it have?
Risk register example
Are there any examples of a risk register for ISO 27001?
Audit days
I have a question; maybe you can help me. When CBs are looking at audit days, what do they use as their criteria for 27001? Is there a table somewhere?