ISO 27001 & 22301 - Expert Advice Community

  • Processes periodicity

    "processes that employees are doing on a daily or weekly basis." Please give me an example of this type of process.
  • Controls application

    Quick question: does ISO 27001 look for a one-to-one mapping of risks vs controls in the SOA, or could I come up with 1 risk in the assessment and use 3 to 4 controls from the SOA to mitigate the risk?
  • Assessing the C-I-A of assets

    Q1: For a smaller company, can we choose not to assess the risk of an asset based on Confidentiality / Integrity and Availability?
  • Who will write Business Continuity Plan

    Hi, I am implementing ISO 22301 in my organization and have some business units in scope which are business critical. Now comes the time to write the BC plan for those units. I want to understand who will write them and what my part is in writing those plans. My role is BC manager/implementer. Please advise.
  • Handling risk

    What is your view on the handling of raw risk vs treated risk vs mitigated risk when it comes to residual risk and understanding your organisation's appetite for risk?
  • NIST 800-171, Aerospace standards, CIS 20, NIST 800-53 with ISO 27001 Standards

    How to drive NIST 800-171, Aerospace standards, CIS 20, NIST 800-53 with ISO 27001 Standards?
  • Performing Gap Analysis

    What is the best practice to perform the Gap Analysis and further steps to reduce the gaps? The steps and process to follow.
  • Recovering an ISMS implementation

    How to survive a bad ISO 27001 implementation or convince management to have security practices without a regulation that imposes ISO 27001?
  • Risk assessment monitoring

    How to monitor risk assessment and fix it?
  • Risk Assessment with examples

    Can you show as example of RA with 20 examples?