In an EU GDPR/ISO 27001 presentation with a potential customer, the question of an IT Strategy came up - couldn't find such a document. Do you know if this is part of the integrated toolkit, maybe named differently?
ITGC
1. What are ITGC controls and how are they related to ISO 27001?
Change policy
I am the ISMS Manager at our company and, due to agile software development, the request arises that deployments to the Pre-Production environment can be done without raising a change in advance. This Pre-Production is under control of our RUN-Space, which operates as a certified ISO 27001 realm.
Organizing documentation
We are looking at the classification and handling of files and have decided to take the opportunity to organize our file shares and folders more efficiently to make identification and responsibilities clearer. Do you have any advice or best practice experience on structuring file shares and folders to achieve this?
Risk assessment and risk management
1. What is risk assessment and what is risk management?
Change Control in an Agile DevOps environment
I wondered if you had any resources on implementing Change Control in an Agile DevOps environment, whilst complying with ISO 27001, please?
Action plan for internal audit
How to create an action plan for internal audit? Is there any format for implementing it?
ISO 22301 toolkit
1 - I recently purchased your product for ISO 22301 compliance, but am finding that much of the guidance points to ISO 27001 compliance. As a SaaS provider, there is logic that would say I should do both, but is that required?
Risk assessment
I have a question regarding the risk assessment process. Once I have listed all my assets, I want to list all threats related to them. But what if there is no risk (or it is solved already)? E.g., for servers, a threat would be data loss (system failure or even a person's mistake), but if there is a backup plan in place, there is actually no risk anymore. So how should you score these kinds of risks? I want to make sure I have listed all the threats to have a complete list.
ISO 27001 for very small business
We are a software development firm with 10 staff. One of our prospects has required us to be certified to ISO 27001. We understand the need to formalize and put in place new processes and procedures but certainly do not wish to place more overheads than is absolutely necessary. How would you advise a company like ours?