Guest
Guest
Create New Topic As guest or Sign in
Assign topic to the user
-
Asset register
I am currently developing the information asset register under ISO 27001:2013. The question of asset definition can be challenging. We have an internally developed application (let’s call it “XXXXX”) that spans multiple databases for different customers. The development is done in XXX on XXX. -
Integrated ISO 27001 & GDPR toolkit content
We bought the integrated ISO 27001 & GDPR tool kit. I have been slowly working my way through the documents… -
Alcance SGSI
Pretendemos implementar un sistema de gestión de seguridad de la información integrándolo con el sistema de gestión de la calidad y mi consulta es ¿cómo definir el alcance de certificación de nuestra institución, que incluir y que no? -
ISO 20000 and ISO 27001
Is there overlap between the ITIL/ISO20000 and the ISO27001? -
Exercising and Testing Plan
Hi, I recently conducted a Fire drill and a scenario based wokshop to ancor the need for at crisis plan in the organization. I planned the drill in the document Exercising and Testing Plan. Afterwards I did the exercising and testing report. -
Applicability of controls
Your comments in the Access Control Policy template states: -
Lead auditor course
I know you offer an ISO 27001 auditor class, but I just need the ISO 22301 version. Can you point me to a class that you recommend? -
ISO 27031
Would you please let me know what are the scope of work for ISO 27031 implementor and what is the delivrables after complete that tasks -
Adjustments for EU GDPR
What changes must a company that is ISO 27001 compliant need to make to its policies and procedures in order to meet the regulatory requirements posed by GDPR? -
Evaluating risk assessment results
In the risk assessment conducted...i am using activity based approach. So for each activity assets would have been identified in the bia. How do i determine the result if one asset owner rates a laptop high compared to another asset owner who rates it as low?