ISO 27001 & 22301 - Expert Advice Community

  • Incident management and Incident Response

    Hello, I just bought the ISO 27001 document toolkit and one of the first documents I need to complete is the incident management procedure.
  • Standards controls

    Which ISO has over 114 controls? ISO 27001 has 114; I have seen one that goes beyond 114. ISO 27001 ends at 18.2.3. I have seen one that goes to about 27.
  • Scope definition

    I require some guidance in the following areas regarding the scope and who I will include in the audit for ISO 27001.
  • IT policy development

    Hi Dejan, I would appreciate it if you can share with me 'ISO 27001' the what, how, why, IT security related knowledge and other subject matters that I must consider when writing IT Policy for a regional company with presence in 6 countries in Asiapac with DataCenter in 3 countries, Cloud, stores in 6 countries, on-premise servers, etc.
  • Policies approval process

    Hi, we are currently completing the access control / management policy; however, policies usually need approval from the Governance board. My understanding is that the only policy that would exist and need approval from the board would be the organization's IT Security Policy. All others are somewhat standards? Would I be correct in saying that, or are they strictly required to be called policies etc.? This is different, of course, from the actual procedures.
  • Control gap treatment

    Gap found while preparing the SOA. Does it need to have a time frame for remediation action to close it before the internal audit activity and first certification of ISO 27001?
  • Supplier Assessment questionnaire

    I’ve been looking through our toolkit for a Supplier Assessment questionnaire. Is there such a document or would we need to draw one up?
  • Risk Treatment Plan Template

    I do not have a Risk Treatment Table, I only have a Risk Treatment Plan. Could you please explain the Risk Treatment Table in more detail? Our current risk assessment is very different compared to yours, and I could take a closer look at your process.
  • Standards for IT procedures and policies

    1. How to define IT Security Policy & Operation security policy? I am looking for support or information on which standard I should use.