ISO 27001 & 22301 - Expert Advice Community

  • Templates available

    Are there templates for all the documentation as well as the final report we must provide the client?
  • Becoming an ISO 27001 expert

    I need some guidance from you as you are an expert in the InfoSec area.
  • Business continuity on ISO 27001 implementation

    I was wondering if I need to include business continuity if I am only doing ISO 27001 and not ISO 22301?
  • Implementing ISO 27001

    I'm struggling to know where to begin. There are so many documents - even the required only. Each has callouts to other documents. I'm not sure where to begin ... and when I am filling in the information, I feel like I'm making it up on the fly.
  • Frequency of performing internal audit of ISMS

    Could you please give some information concerning the ISO 27001 requirement for the frequency of performing an internal audit of the ISMS? Is there any clear requirement in the standard that an organisation's internal audit must perform an ISMS audit on an annual basis?
  • BC policy and BC framework

    1 - what is the difference between a business continuity framework and a business continuity policy?
  • Documenting policies

    Senior management wants to put all policies into one document ("a manual") and therefore only sign/approve one document. Is this allowable for auditing purposes?
  • Access control policy: A.9.2.3

    Hello, My company bought the documentation of the Access Control Policy. At which part is control A.9.2.3 covered in this document? Yours sincerely, Tom van Ruitenbeek
  • External Auditor versus Lead Auditor

    I want to become an External Auditor, not a lead auditor... Is there a difference when it comes to the qualifications? Can someone take the Internal Auditor course, get the Certification and then start doing ISO 27001 for my company at other sites?
  • Competence evidence

    What kind of evidence is required for resource competence and attending training to address relevant cybersecurity risk?