ISO 27001 & 22301 - Expert Advice Community

  • BCM documentation

    Actually we are kick-starting a BCM program in XXXX. We have floated an RFP and are currently doing technical evaluation of bidders. We are still not sure whether to go with a consultant or on our own. We are a large-sized company with more than 16000 employees providing telecom services throughout Pakistan with many services such as fixed and wireless broadband, carrier services, corporate and cloud services.
  • ISMS Controls

    Considering that the control sets in ISO27002 are essentially open-source, unless there is any organisation specific control measure mentioned in the Annex A that might be particularly sensitive, would the SofA generally be considered a sensitive document in itself?
  • Security control context

    "I am learning about your system, and I am looking for information to write the context of a control. Is there any document about that?"
  • Information Classification and Handling according to ISO 27001

    What does a Company's Information Classification and Handling guide look like in relation to ISO 27001?
  • Elaborating an audit checklist

    Quick question, what would be the best way to draft the audit checklist? Would you recommend working from the document review and forming a checklist from that, or doing it by the Statement of Applicability?
  • Lead auditor and lead implementer courses

    I am a cyber security consultant and as part of education, I am looking at ISO27001 and was kind of confused if I should do the Lead Implementer or the Lead Auditor course…
  • Approaches beyond asset-based for risk assessment

    In working through the ISO 27001 toolkit, I saw that the tutorials and templates recommend taking an asset-based approach to risk assessment. While this may be the method that we use, I want to explore other options before settling on one in particular. Do you have any templates or documents available for a scenario-based approach or any other approaches?
  • SoA content

    May I ask to what extent a Share risk situation should be detailed in the SoA?
  • Template content

    1. I have just started work with the Risk Assessment Table template. Is it possible to change the colour range in the Risk column? Would like to have 0 = green, 1 = yellow, 2 = orange and 3 and 4 = red. 3 and is red, but there is no colour scaling on 0, 1 and 2...
    2. I did have a look at the post in Expert Advice Community – could you also describe how to change the colour scaling, please?
  • ISMS and QMS

    It was advised that we need to implement QMS, as identifying and documenting all the processes is the best approach. I actually did not feel quite comfortable, since it will increase the workload (thus require additional resources).