I've been looking through Advisera's ISO 27001 training modules in an effort to understand the suitability of the certification path for my team.
Relevant ISO standards for information security
Is it fine to say that the first five ISO/IEC 27000 family standards are the most critical standards for the information security posture of any organisation?
I'm having some trouble with the following control: 14.1.3 Protecting application services transactions
ISO 27001 career
1 - So, my scenario here is that I have been in IT infrastructure services (Systems/Networks/SOC) for the past 5 years and have now taken a short gap from my job, planning to pursue my goals in the correct and passionate way. While looking around, I found the Info. Sec. domain to be my goal and decided to pursue it further, leveraging my past experience in IT. Unfortunately I don't hold any ISO/ISMS knowledge as of now, but would love to pursue it further. For the same reason I am seeking your kind advice on what direction I should pursue, as management/auditing fascinates me more than the technical side of the Info. Sec. domain. So, shall I go ahead and pursue the ISO 27001 cert?
CAR, PAR, Security control
Hi,
we have done a Risk Assessment and we are now in the process of choosing security controls. We are using security controls which align with industry standards like ISO 27001, and we are also choosing controls which were individually designed by us and fit our company. In this context, what is the difference between a C.A.R/P.A.R and these security controls? From my understanding, if a control is not implemented yet, we can make some kind of project plan to fulfil our controls. But as I also understand it, we can create a C.A.R to implement these controls, or?
Log monitoring and review
We've implemented automatic log monitoring by sending alerts on rule violations in the logs. Now that monitoring of logs through automatic alerts has been implemented, do we also need to conduct log reviews for ISO 27001?
Scope communication
In an ISO 27001 implementation, who should know about the scope statement?
ISO 27001 Gap Assessment for a Bank
Hi, I would like to know the best way of conducting an ISO 27001 Gap Assessment for a Bank?
PCI DSS and ISO 27001
My outfit is already PCI DSS certified and is currently working on getting certified for ISO 27001.
Implementing ISO 9001 and ISO 27001
I am working on implementing ISO 9001 and ISO 27001, and I see that some chapters/clauses are the same, like training, audit, management review etc. Will it be enough to write in the ISO 9001 documentation that these chapters also refer to the company's ISO 27001, or do I have to make a separate procedure for ISO 27001?