I have a question regarding the risk assessment table. Should I include, for example, every mobile phone or laptop in it, or just a category such as laptop or mobile phone?
BCP sites
As per ISO 22301, if a company has defined 7 to 8 critical departments in its BCP plan, is it necessary to have a separate BCP site for each critical department?
Documenting context of the organization and interested parties
Where would I record the Context of the organisation and Interested parties? Should I put that in the Information Security Policy? We have a separate document that lists legal and contractual requirements.
ISO22301 Internal Audit
I am currently undertaking a pre-certification BCMS project. I also manage certified information security and quality management systems and for these I use a sampling methodology for internal audits which is quite straightforward as there is plenty of scope for samples under these systems.
I am struggling to determine what samples I can use for the BCMS internal audit, especially pre-certification.
What would you recommend?
Thanks,
Brian.
Risk Assessment in ISO 27001:2013
Template content
Templates were good but were missing procedures for monitoring information processing equipment (servers) and, most vitally, a Code of Ethics.
Accredited certification bodies
I have a question: are the certifications specifically recognized in Spain??? I have been told that in Spain, if the certificate is not issued by ENAC or by IQnet, it is not recognized.... Is this true?
SOC Type 2, GDPR and ISO 27001
1 - How much overlap is there between SOC Type 2, GDPR and ISO 27001?
Knowledge base content
I have read your online KB where you explain the differences between ISO 27001, ISO 27017 and 27018. The KB is quite old. Do you have any plan to update it?
Preparing for certification
Please, how can I prepare myself to take the certification?