ISO 27001 & 22301 - Expert Advice Community

Home / ISO 27001 & 22301

Discussions

Top Contributors

Rhand Leal

Carlos Pereira da Cruz

Dejan Kosutic

Most Popular Tags

Product: Conformio Product: ISO 27001 Documentation Toolkit Product: ISO 13485 & MDR Integrated Documentation Toolkit ISO 27001 ISO 9001 Risk Assessment Product: ISO 27001 & ISO 22301 Premium Documentation Toolkit Product: ISO 13485 Documentation Toolkit ISMS register of requirements Internal Audit Product: ISO 27001/Risk Assessment Table Product: ISO 27001 & ISO 27017 & ISO 27018 Cloud Documentation Toolkit Certification ISO 14001

Sort by:

Select

CREATE NEW TOPIC +

Guest

Guest

Create New Topic As guest or Sign in

Business department* About business* Organization size*

Title *

Body *

HTML tags are not allowed

Category *

Select

Tags

Name *

Email *

I accept the Privacy and Terms

Notify me when someone replies

Assign topic to the user

Select user

Address for certification
My organization has a total of 30+ employees and it is a kind-of virtual organization. We are registered but do not have a dedicated office location. We have hosted our environment in a cloud location managed by a CSP with proper segregation from other tenants. Our employees connect to platform through VPN across the globe. Our clients wants us to obtain ISO 27001 certification and we as an organization also want to establish an ISMS. Given this scenario, organization without a dedicated office location, can we go-ahead for ISO 27001 implementation and certification?
Cybersecurity and ISO 9001
How is cybersecurity related to ISO 9001 2015?
Implementation of control A.18.2.2
may I ask you about some guidance for A18.2.2?
Requirements of ISO 27001 to be implemented by the CSP
1 - I need a clarification in my ISMS scoping: My organization is obtaining hosted cloud services with proper VPC segregation. We manage the operations in terms of app development, change management and maintenance. The CSP is already certified for ISO 27001. If I need to implement ISO 27001 for my organization, I need to understand which are the requirements that I should implement and which will be covered by the CSP?
Risk assessment approaches
If you are already ISO27001 registered can you changed from an Asset-based risk assessment to a Scenario-based Risk Assessment?
Internal audit client
We, Internal audit will be performing an ISMS audit based on the IT department request who should we report to in terms of our findings ? is it the IT department or the AC as per the norm?
Risk assessment participants
It is the first time that my company will applies the ISO27001 and my doubt is about who must perform the risk assessment, the IT Department , RRHH, the Informations Security Manager or who…
Selecting qualified ISO 27001 certification auditors
We’ve shortlisted a few ISO auditors.
ISO 27001 and Information Security manger
what this standard define with respect to Information Security manger?