We built our DR plan for IT service, and we would like to know the road map for building a Business Continuity strategy and plan for the whole organization.
Career in information security
I am learning the ISO 27001 documentation structure and working on the documentation as well. Can you help me understand and provide me with a better way to enhance my career in this field?
Toolkit content
I quickly browsed through the list of docs and noticed that while it covers the Annexure A (A5 - A18) controls very well, there is no documentation to address the ISMS part, i.e., clause 4 to clause 10 of the 2013 standard. Could you please comment on that? Did I miss anything?
Mobile device and BYOD policies
What is the difference between BYOD and mobile device policy?
Certification for services
How does one obtain certification for a service, i.e. email?
Adoption of ISO 27031
If we wanted to just get 27031 created, where should we start? Would you recommend creating 27031 without 22301 in place?
Filling templates
1. Regarding the reference docs, what do we need to put in here? Do we need an actual list, and if so, do we need to list the whole toolkit?
Filling SoA
I need advice on identifying the controls of a SoA based on the logical security of the standard ISO 27002:2013.
Application of control A.17.2.1
We’re still working on the Statement of Applicability. How do we need to handle the implementation method of control A.17.2.1? The template says: recovery-strategy for IT-infrastructure. No comment from your side and no template about it. Can you explain a bit more?
Risk management
1 - I have a query: is there any difference between third-party risk management and usual risk management?