What is the cost for an advisory to certify a technology services company and how long does the process take?
Approaching management
I am working in an organization where management loves to feel and say we are a start-up and for everything, and hence those things will not work. I do agree with your statement that the management commitment looks obvious but it really is not, and without which in my organization everything is considered as escalation. There is no right approach; they pick the control matrix and start working on the security aspects, and hence the friction and internal threats have increased so much that it is becoming difficult day by day to work on it. And when I ask my superboss about it, he says this is how we work. I need your advice on this so that I can work better. I don't want to give up nor fail in any case.
Performing BIA
How about something for conducting a first-time BIA in line with the ISO 223nn's? Ask 101 people and there are 101 ways to do it, and each person will have their idiosyncrasies (especially me!). ISO 223nn don't really help people, even those who can afford to purchase them, and particularly those new to BC.
Supplier security
I have a partner no. 1 that provides sale and installation of software to partner no. 2 that gives functionality to a prime customer. Question: does partner no. 1 have to fulfill some security clause of ISO 27001 Annex A?
Templates content
I need the following documents, and I cannot find them on our site. Can an expert suggest something?
ISO 27001 Toolkit content
We have been filling up all the documents according to our needs in order to achieve the certification successfully. However, we have realized that there are some documents that are not in the zip file. For instance: Anexo_A.5 Information security policies and Anexo_A.18 Compliance. Those documents should be in Spanish. I would appreciate your thoughts about this.
Certifying organizations
Hi, we are an Information Security Consulting and Auditing Company. We are well established in the information security space and have been doing PCI DSS audits for about 9 years. We have a client who would like us to certify them for ISO 27001. We have an auditor in the team, who is certified as an ISO 27001 Lead Implementer. What will it require for us to become a company who can perform an ISO 27001 Auditor?
Becoming internal auditor
I am a B.E. (Mechanical) and Qualified Six Sigma Green Belt with over 4 years of industry experience in large, fast-paced multi-line facilities. Currently working in XXXXX as Production Manager, handling all Production activities of XXXXX manufacturing and assembly plant in XXXX.
ISO 27001 and COBIT
I'm new to COBIT. My initial question was: can an organization have an ISMS in place based on COBIT alone?