I would like to change the methodology for a risk assessment, so I need to change some properties for columns in the document 07.1_Appendix_1_Risk_Assessment_Table_Integrated_EN. I need to change the formula for a risk calculation and also the controls for permitted values for the columns Consequence and Likelihood. How can I do this?
Information protection
I have a client who is going to sell information over the Internet and ask me how to prevent that information from being leaked to third parties. What controls do you suggest?
ISO 22301 and NIST 800-34
Need to create a BIA. I was given NIST 800-34 to follow but it's confusing. Will your templates mirror the NIST 800-34?
Main control activity
By key control, I mean the main control activity. For example, in an access provisioning process, the key control activity would be the part where the provisioning actually takes place.
Is ISO 27002 acquisition necessary?
Is it necessary to purchase the 27002 standard, or are its contents contained completely in Annex A of 270001?
Change management
Please describe change management.
Integrated toolkits
We just passed the ISO 9001 and 14001 audit. To be honest, we have 2 critical non-conformities, but this is just plain paperwork to lift it to non critical.
Risk assessment approach
Which is a good approach for risk assessment?
Positive and negative risks
I am currently working on the development of a risk management framework (based on ISO 27005) for my company. I am a little confused as to why ISO 27005 only talks about negative risks and not about positive risks (opportunities).
Mitigating the risk
How do you demonstrate to the auditor that the risk is mitigated if it is actually qualitative?