Hi
I have implemented ISO 27001 and now I have to perform risk monitoring for my documented risks. What I am currently doing is: I review the risk assessment sheet every month and see how many risks are mitigated, how many risks have changed from "High" to "Medium" or "Low", and also how many from "Medium" to "Low".
Once this is done I save the sheet as a new version number with the date of review.
My question is: am I doing the monitoring in the correct way? Is there any other way by which I can monitor the risk without the hassle of versioning?
Please advise.
Thanks
1. Can you advise me on the best way to go about seeking the risk owners' approval for the residual risk?
Risk assessment methods
What are alternative methods for asset-based risk identification?
Differences between process based and asset based risk assessments
What exactly are the difference criteria for process-based and asset-based risk assessment?
ISO 27001 implementer
As an internal auditor, should I obtain ISO 27001 implementer also?
Toolkit content
Hello, I have been working with the forms to implement the standard 27001, I look for: ISO 27001 project (Spanish) / Files and I do not find the documents to be able to implement these points of the standard:
ISO 27001 map to NIST
I am working on a bid for an ISO 27001 project, creating information security standards documents that are aligned with ISO 27001, but which also map to NIST CSF, NIST 800-53, NYS DFS 500, and GLBA.
ISO 22301 certification
Can you recommend any training institutions for ISO 22301 personal certification? Preferably online.