Which module is regarding Human resources security [A.7]? ISO 27001 Foundations Course
RTO and RPO definition for critical systems
1 - Who sets the RTO AND RPO for critical systems? It is confusing.
Risk assessment and SOA
Our team is currently working through the risk assessment and risk treatment for items identified as being in scope of our ISMS. Our initial ISMS is being restricted to our “customer facing applications” and hence the number of category 3 and 4 risks identified is quite low. Perhaps we are not being thorough enough, which may be possible.
Risk assessment questions
1 - What are the differences between risk assessment report, risk treatment report and statement of applicability?
Lead auditor and lead implementer
I am new to ISO and planning to achieve expertise in ISO 27001. I am confused between ISO 27001 LA and LI. What is the major difference between the two?
ISO 27001 and EU GDPR
We are primarily interested in GDPR implementation and compliance. But there isn't any practice in our country and overall knowledge and "data security culture" is pretty low, so I asked myself: Is there some ISO certificate that can help? I see such a certificate as just one more step towards full GDPR compliance... We've undertaken some actions in the past to implement the ISO 9001:2008 certificate, and our company clearly benefited from it. I haven't had much time to fully study the ISO 27001 certificate so I don't know the details, but again, we are interested in full GDPR compliance and that's our final goal. I don't know if ISO 27001 can help achieve that goal - maybe you can give me the answer.
Vulnerability scanning periodicity
Does ISO 27001 specify how frequently vulnerability scanning should be performed (i.e. quarterly, biannually)?
Policy template content
I got stuck on document "Acceptable use policy", section 4 "Managing records under this document". There is a table that is not so clear to me.
Risk Assessment
Thanks for the previous feedback. I have another question. It is regarding the risk assessment. This is the first risk assessment they are performing since beginning their journey towards ISO 27001 certification. We are keeping the risk assessment at a higher level at this time.
Confidentiality level
Do you have an example of what to put, or what the options could be, in the part where it says confidentiality level?