ISO 27001 & 22301 - Expert Advice Community

  • BCMS performance indicators

    Am currently working on an implementation project for BCMS. More specifically, am looking at Clause 9.1.1 and 9.1.2 from ISO 22031. Wondering if there's any performance metrics example that I can refer to, to meet these requirements?
  • When to go for ISO 27001 certification

    I would like to know when is the right time to do certification of ISO 27001 as we want to make sure that clients are going to trust us as we should have proper Policies and controls?
  • Toolkit content

    I bought the 27001 toolkit docs and I am looking in annex a, it seems to be missing 5 and 18? Can you explain why those 2 controls are not documented?
  • CRISC or ISO 27001 certifications

    I am an Internal Audit Officer. I am confused about going for CRISC or ISO 27001 since I already have CISA. Need help.
  • Identifying a Cloud Service Provider

    We offer trust service providers and we store some data and documents for our clients in the cloud, which they can access at any time. Does this make us a Cloud Service Provider, and thus our ISO 27001 should be drafted in this regard? For example in the Backup Policy there is the following section and your comment:
  • ISO 27001 requirements

    Hello, I would like you to help me by indicating what the minimum information security requirements are for an organization that has no defined documentation for this type of topic.
  • Activity Recovery Strategy template content

    Hi, should the Activity Recovery Strategy for Activity X contain all tasks to full recovery or just the critical ones?
  • Controls application

    We produce a cloud-based web application that is hosted on XXXX and uses other outsourced infrastructure providers (like XXXX). The only physical equipment that the company owns and that is onsite in our offices is employee laptops. Considering this situation, are the ISO 27001 controls in Annex A sections A.11 (Physical and environmental security) applicable to us, since we don't have any servers or other major equipment onsite?
  • Certifications for ISO 27001 experts

    Is there a specific global certification for experts? Allows expert people to work to help organizations obtain ISO 27001 certification.
  • BCP and Measurement report templates

    I have two questions. I am looking into drafting these two documents: