ISO 27001 & 22301 - Expert Advice Community

Home / ISO 27001 & 22301

Discussions

Top Contributors

Expert

Rhand Leal

4151
Discussions
Expert

Carlos Pereira da Cruz

1915
Discussions
Expert

Dejan Kosutic

365
Discussions

Most Popular Tags

Product: Conformio Product: ISO 27001 Documentation Toolkit Product: ISO 13485 & MDR Integrated Documentation Toolkit ISO 27001 ISO 9001 Product: ISO 27001 & ISO 22301 Premium Documentation Toolkit Risk Assessment Product: ISO 13485 Documentation Toolkit ISMS register of requirements Internal Audit Product: ISO 27001 & ISO 27017 & ISO 27018 Cloud Documentation Toolkit Product: ISO 27001/Risk Assessment Table ISO 14001 Product: ISO 27001 Internal Auditor Course
Select
CREATE NEW TOPIC +
Guest

Guest

Create New Topic As guest or Sign in

HTML tags are not allowed

Select

Assign topic to the user

  • Case studies and quizzes

    Do you have any case studies and quizzes or simulations so that I can teach and make my students to practice ?

  • The Risk Treatment Plan and the Implementation Plan

    Section 10. It says “Implementation plan” but the document states “Risk Treatment plan”. Risk seems to be under section 7. Please explain

  • Working out the RTO and RPO

    I’ve completed the Business Impact Analysis questionnaires and I need to work out the RTO and RPO. Do I need to work out the RTO and RPO per application and database for each activity (department)?

  • Asset inventory and risk calculation

    Do you have anything about how I can to do asset inventory and calculate the risk ?

  • SoA alteration

    For the first time we need to include Outsourced Development in our Statement of Application, meaning our SoA version changes. How does this impact certification? We wouldn't be due an external audit until August 2019 Many thanks.

  • Classification of assets

    Can you clarify me the classification of assets when it comes to ISO 20001?

  • Arguments for control adoption

    I'm considering buying the Password Policy but I'd like to know if it can help me before I buy it!

  • Missing documents from the toolkit

    In the ISO 27001:2013 are two chapters included:

  • Costs and time for certification

    What is the cost for an advisory to certify a technology services company and how long does the process take?

  • Approaching management

    I am working in an organization where management loves to feel and say we are start up and for everything, and hence those things will not work. I do agree with your statement that the management commitment looks obvious but it really is not and without which in my organization everything is considered as escalation. There is no right approach, they pick the control matrix and start working on the security aspects and hence the friction and internal threats have increased so much that it is becoming difficult day by day to work on it. And when I ask my superboss about it, he says this is how we work. I need your advice on this so that I can work better. I don't want to give up nor fail in any case.
Page 266 of 544 pages