Is the Audit Plan a document written per policy or department that will be audited, or is it an overall document?
Internal Audit - Lack of Documentation
There is a lack of documentation in the company where I work, but they want the audit team to start with the internal audit. Is this possible to do? Or what can the audit team do while the documentation is not ready?
Address for certification
My organization has a total of 30+ employees and it is a kind of virtual organization. We are registered but do not have a dedicated office location. We have hosted our environment in a cloud location managed by a CSP with proper segregation from other tenants. Our employees connect to the platform through VPN from across the globe. Our clients want us to obtain ISO 27001 certification, and we as an organization also want to establish an ISMS. Given this scenario, an organization without a dedicated office location, can we go ahead with ISO 27001 implementation and certification?
Cybersecurity and ISO 9001
How is cybersecurity related to ISO 9001:2015?
Implementation of control A.18.2.2
May I ask you for some guidance on A.18.2.2?
Requirements of ISO 27001 to be implemented by the CSP
1 - I need a clarification in my ISMS scoping: My organization is obtaining hosted cloud services with proper VPC segregation. We manage the operations in terms of app development, change management and maintenance. The CSP is already certified for ISO 27001. If I need to implement ISO 27001 for my organization, I need to understand which are the requirements that I should implement and which will be covered by the CSP?
Risk assessment approaches
If you are already ISO 27001 registered, can you change from an asset-based risk assessment to a scenario-based risk assessment?
Internal audit client
We, Internal Audit, will be performing an ISMS audit based on the IT department's request. Who should we report to in terms of our findings? Is it the IT department or the AC, as per the norm?
Risk assessment participants
It is the first time that my company will apply ISO 27001, and my doubt is about who must perform the risk assessment: the IT Department, HR, the Information Security Manager or who…