I have already purchased the toolkit and I'm currently running the internal audit. But while I'm going through the clauses, I want to know how and where the 6.2 clause is covered in the toolkit you provided us.
Critical processes, RTO and RPO
How to identify all business-critical processes and other dependent processes, and how to calculate the RTO and RPO after BIA?
Asset inventory
Is there a way for me to create my own asset inventory report based on the information in the article?
People related risks
I need to understand how "asset name" people can be linked to threats and vulnerabilities. I have done other areas but need help with people.
Implementation of controls
Every control from Annex A is applicable to my organisation to some extent. Do we have to implement all controls? Or only those controls that are needed to mitigate the risks from the Risk Assessment?
Termination of job - activity
I have a question: does ISO 27001 contain any control that mentions the period of time an AD account should be deleted/removed after disabling the account when leaving the company?
Implementation options
1 - We are a micro business (one employee/director) dealing with large volumes of sensitive personal data in the cloud. Our cloud infrastructure in AWS provides immutable audit trails and automated security alerts etc., i.e. we are as automated as we possibly can be - we use documented CloudFormation to manage all our infrastructure and audit policies. We are keen to establish ISO 27001 certification. Is it possible to do this without a division of responsibility in the business?
Template content
Could you please help me if there is any document available for A 6.1.5?
Security controls review
I need to know how many times we need to review security controls in the year.