ISO 27001 & 22301 - Expert Advice Community


  • Roles and responsibilities in incident management

    Hi Dejan, in the file “Procedimiento_para_gestion_de_incidentes_ES” (it’s in the A.16 folder), I looked for roles and responsibilities but I didn’t find anything. Thanks.
  • Selection of internal auditors

    Our institution is in the process of implementing NTP-ISO/IEC 27001:2014 (the Peruvian Technical Standard that adopted ISO 27001:2013).
  • Lead auditor certification requirements

    Do my ISO 9001 cert. and 5+ years of auditing experience (ISO 9001:2008 & ISO 13485:2015) provide any credit towards ISO 27001 certification? Specifically the 20 hours of observation, etc.
  • IT Risk Management Material

    I am talking to a client in the telecom space. They have asked me to help with the best practices for IT Risk Management as they are in the process of implementing IT GRC. I would appreciate it if you could share some material on the same. What comes to my mind is ISO 27005, NIST and Risk IT. I would take any material that you could share.
  • Statement of Applicability Content

    I am taking the training courses for the ISO 27001 foundation course. I have a question regarding the Statement of Applicability document. I understand this document should have the applicable controls from Annex A and some other additional controls. If this document should have applicable controls only, why does the table have the option for "Not applicable controls" & the "Reason why N/A"?
  • ISO 27799 and ISO 27001

    These days I'm interested in the ISO 27799:2016 standard. Could you please help me to understand the differences and similarities between ISO 27799 and ISO 27001? If possible, please provide me with some resource links and white papers.
  • Can you figure out interfaces and dependencies?

    Sir, can you please shed some light on these two scenarios: 1. I've created a webpage, which is hosted on servers of organisation A. The webpage is just a GUI; at the backend, we're utilising the services of SAINT... basically, our organisation provides customers a GUI and pays SAINT for the services running behind our webpage. Can you please point out any interfaces and dependencies involved here? 2. We're using a product called Alienvault for the SOC analysis. In our organisation we have terminals for analysis (traffic, vulnerabilities in systems, etc.). At our customers' end we have installed Alienvault software at some nodes. All the logs reside on the servers of Alienvault. Can you please help me figure out the interfaces and dependencies in both the scenarios above?
  • ISMS interfaces and dependencies

    What are interfaces and dependencies as per clause no. 4.3 in ISO 27001:2013? Can you please give me examples of interfaces and dependencies?
  • Controls to software related risks

    Just wanted to check which control deals with the risk of outdated software and end-of-life software.