I have a problem in understanding the risk assessment. Suppose that I am an ISMS consultant in an organization. I must do a "risk assessment". Here is the problem: should I first define some policies for the organization and then do the risk assessment? Or should I first do the risk assessment and, based on it, define some policies? If the latter is correct, how can I do it? For example, for assessing the risks about passwords, if the organization doesn't have any password policy, how can I determine whether the risk assessment should be based on 8-character passwords or 10-character passwords?
BYOD Policy template content
Further lists are missing:
Audit tools suggestion
I just got an offer for a position as ISO 27001 Auditor in an international company without any audit management tools. Of course, the company has already been ISO 27001 certified, but it needs maintenance before recertification.
Enforcing policies
How can I get employees to implement the policy and the ISO 27001 standard, briefly? I am a government employee. I work in the Ministry of Education.
Incident management and Incident Response
Hello, I just bought the ISO 27001 document toolkit, and one of the first documents I need to complete is the incident management procedure.
Standards controls
Which ISO standard has over 114 controls? ISO 27001 has 114. I have seen one that goes beyond 114. ISO 27001 ends at 18.2.3; I have seen one that goes to about 27.
Scope definition
I require some guidance in the following areas regarding the scope and who I will include in the audit for ISO 27001.
IT policy development
Hi Dejan, I would appreciate it if you could share with me the what, how and why of ISO 27001, the IT security related knowledge, and other subject matters that I must consider when writing an IT policy for a regional company with a presence in 6 countries in Asiapac, with data centers in 3 countries, cloud, stores in 6 countries, on-premise servers, etc.
Policies approval process
Hi, we are currently completing the access control / management policy; however, policies usually need approval from the Governance board. My understanding is that the only policy that would exist and need approval from the board would be the organization's IT Security Policy. All others are somewhat standards? Would I be correct in saying that, or are they strictly required to be called policies etc.? This is different, of course, from the actual procedures.