ISO 27001 & 22301 - Expert Advice Community


  • Application of BCP on ISO 27001

    If there is no commitment in customer contracts to providing resiliency, and the risk of not having a BCP is acceptable... will ISO 27001 still be looking at information security continuity in a BCP plan (no BCP plan, so no information continuity)?
  • Certification audit

    After completing an internal audit how would my company get an external audit / 3rd party certification?
  • Legal requirements

    We have purchased the toolkit already, but I have a question about an article: https://advisera.com/27001academy/knowledgebase/laws-regulations-information-security-business-continuity/
  • Risk assessment

    I have read some of the ISO 27001 knowledge base, and ISO 27001 Risk Management in Plain English. I found it useful and it helped me understand more about Risk Management, but I am still confused about how to start doing risk management following this ISO framework. I understand the concept and process, but I don't know how to start it. This is the first time that my company needs to do risk management, and no one understands the risks.
  • Template content

    In the demo (English) for 27001:2013, you are missing chapter 18, Compliance; is there also nothing for chapter 6 (ISO 27001:2013) in the demo?
  • Business Impact Analysis

    I work for a large global company and I’m currently performing the Business Impact Analysis for the UK which includes 15 different departments. So for each Business Impact Analysis questionnaire I completed them for the department as a whole rather than by each different activity so there’s a Business Impact Analysis for Finance, another for HR etc. So when I complete the Activity Recovery Strategy it will be per department.
  • Template content - disruptive scenarios

    Regarding Appendix 4 – Examples of Disruptive Incident Scenarios, should I work with the managers to create our own examples of Disruptive Incident Scenarios or should we keep the examples in the document and simply add the name of the company and confidentiality level at the top?
  • Risk assessment

    Please help clarify some doubts for me, as below:
  • Toolkit content

    1. ISO 27001 project / ISO 27001 Documentation Toolkit / 08_Annex_A /
  • Filling out the Treatment Table

    When filling out the Treatment Table there are the columns Selection of Options and Means of Implementation. Both offer a selection of inputs. Is it mandatory to use these selections, or can you use some other inputs that are not in the selection table? For instance, can I add "Other measures" to the "Selection of Options" and "Scan all documents to be stored on secure NAS, Destroy all physical documents"?