What is the difference between BYOD and mobile device policy?
Certification for services
How does one obtain certification for a service, i.e. email?
Adoption of ISO 27031
If we wanted to just get 27031 created, where should we start? Would you recommend creating 27031 without 22301 in place?
Filling templates
1. Regarding the reference docs; what do we need to put in here? Do we need an actual list and if so do we need to list the whole toolkit?
Filling SoA
I need advice to identify the controls of a SoA based on the logical security of the standard ISO 27002:2013.
Application of control A.17.2.1
We’re still working on the Statement of Applicability. How do we need to handle the implementation method of control A.17.2.1? The template says: recovery-strategy for IT-infrastructure. No comment from your side and no template about it. Can you explain a bit more?
Risk management
1 - I have a query: is there any difference between third-party risk management and usual risk management?
ISO 27001 in software development
I am a software developer and the company I work for is planning to apply the 27001 standard in the next two months. I wonder if I can apply the 27001 standard to all the software I developed? If yes, what are the steps? I tried to read all about the standard and I found it confusing. I need help to start before the company and the auditors. Please help me, with all respect.
List of Legal, Regulatory, Contractual and Other Requirements
Does the above list include United Kingdom legislation? What sectors does it cover?
Planning information security continuity
I have a question about control A.17.1.1 (inside the Statement of Applicability). The implementation method talks about a methodology of business impact analysis (GAA). Is there a template anywhere or do we have to make this on our own?