ISO 27001 & 22301 - Expert Advice Community


  • Importance of ISO certifications

    I am a fresher working for Shell Information Risk Management Team. I have not done any certification till now. However, I hear a lot about ISO Certifications. But I need to understand how this is important in the compliance world. How can it benefit me to progress in my career? I want to excel in the compliance world. Do let me know if you want to ask me any queries regarding the same. Your advice will be helpful.
  • Program success factors

    1. The subject matter I need to know is how to keep a successful program running; why do people pass successfully for several years, and then begin to fail (with disastrous consequences)?
    2. I am a Certified Internal Auditor with several years of Internal Audit experience, getting ready to transition, and am looking for an ISO 27001 Analyst or Auditor job; how can I find companies who are (or are looking to become) ISO 27001 compliant?
  • Certifications for consultancy

    Just wondering what certificates a security consultancy company needs? Are there any more certifications that are necessary when the company does consultancy services?
  • Control of documents

    If my company is using a standard template for policies and procedures and we want to change this template to satisfy both business and ISO needs, and we have the new template approved via the defined formal channel as described in our document control procedure, shall we now change all the existing policies and procedures to the new template, or can we state in our document control procedure that starting from "a defined date" any new or updated policy/procedure shall use the new template?
  • Performing risk assessment

    I have a problem in understanding the risk assessment. Suppose that I am an ISMS consultant in an organization. I must do a "risk assessment". Here is the problem: should I first define some policies for the organization and then do the risk assessment? Or should I first do the risk assessment and, based on it, define some policies? If the latter is correct, how can I do it? For example, for assessing the risks about passwords, if the organization doesn't have any password policy, how can I determine whether the risk assessment should be based on 8-character passwords or 10-character passwords?
  • BYOD Policy template content

    further lists are missing:
  • Audit tools suggestion

    I just got an offer for a position as ISO 27001 Auditor in an international company without any audit management tools. Of course the company has already been ISO 27001 certified, but it needs maintenance before recertification.
  • Enforcing policies

    How can I enforce employees to implement the policy and the ISO 27001 standard, briefly? I am a government employee. I worked in the Ministry of Education.
  • Incident management and Incident Response

    Hello, I just bought the ISO 27001 document toolkit and one of the first documents I need to complete is the incident management procedure.
  • Standards controls

    Which ISO has over 114 controls? ISO 27001 has 114. I have seen one that goes beyond 114. ISO 27001 ends at 18.2.3; I have seen one that goes to about 27.