ISO 27001 & 22301 - Expert Advice Community

  • Filling documentation

    We're a gaming software company that runs XXXX. Last month we acquired a UKGC license, and we have to do a security audit with ISO 27001.
  • Conflicting management systems

    One of the challenges I have seen in large organizations is when different stakeholders sponsor implementation of ISO 22301 and ISO 27001 and come up with different versions of policies for the same concept. Also, the entire process becomes extremely cumbersome for employees who need to provide feedback multiple times for essentially the same concepts.
  • ISO 27001 and PCI DSS

    If we are an ISO 27000 certified company, and we are now, as a travel agency, also required by IATA to be PCI DSS compliant, does the ISO 27000 certification EQUAL or contribute to the PCI compliance? Simply put: if we are 27000 compliant, do we still need to be PCI compliant AS WELL, or are we automatically PCI compliant when we are ISO 27000 compliant?
  • Legal requirements

    Which standards apply to the Legal functions, as I am about to audit them? I know of Clause 4.1 on interested parties and A18.1
  • ISO 27002 NIST and the Cybersecurity Framework

    What are the alignments between ISO 27002, NIST, and the Cybersecurity Framework?
  • Documentation required for Internal External and Interested parties

    I need to know what kind of documentation is required for Internal, External and Interested parties as per the new clauses introduced in ISO 27001:2013.
  • BCM practitioner certifications

    We are rolling out BCM in our company and I want to be a certified BCM practitioner. Do you have any recommendations?
  • Lead implementer and job description

    Currently I am a Hosted system engineer at XXXXX. My Job description is below:
  • Maturity in ISO evaluation

    Can you define for me the "maturity" in ISO evaluation?