ISO 27001 & 22301 - Expert Advice Community

  • ISMS interfaces and dependencies

    What are interfaces and dependencies as per clause no. 4.3 in ISO 27001:2013? Can you please give me examples of interfaces and dependencies?
  • Controls to software related risks

    Just wanted to check which control deals with the risk of outdated software, end-of-life software?
  • Risk owners and asset owners

    Should we assign two different people to be the Risk Owner and Asset Owner or can they be just one person?
  • Backup and recovery checklist

    Which ISO 27001 doc would contain a checklist on backup and recovery? I have a client whose auditors are requesting a DR analysis and plan, and was hoping I can cut out the admin part and buy the templates.
  • Freeware software on product environment

    Can you please let me know, according to ISO 27001:2013 standards, can we allow/access freeware on the production environment if the organisation is certified with ISO 27001:2013?
  • Scope definition considering network infrastructure

    My organisation (acme incorp) has two separate networks: one for internal use only and one for shared use between us and a major customer (but we host the network). I am not looking to get ISO 27001 certification for my organisation (acme incorp); I am looking for certification for our external network, which is a requirement for the contract between us and the customer. I thought, if I could tell the customer our external network is ISO 27001 certified, that will give us a competitive advantage for contract renewal when the time comes. I am not sure if my explanation is clear. Can I certify a network as opposed to a company?
  • Definition of implementation for an ISO 27001 project

    We are in the planning stages of implementation of ISO27001 and are using Conformio to plan the project. I have a question about the Free Calculator – Duration of ISO27001/ISO22301 Implementation tool. What does the tool use as a definition of implementation complete? For instance, is Risk Assessment complete, procedures written and employees trained the definition of complete? Or does complete also include 3 months of the system in operation, or is it ISO certification or some other measure? Would appreciate some additional insight into the definition of project complete.
  • Impact Analysis Questionnaire

    Please assist: is there a way I can engage BCM on new initiatives and projects before going live? Do you have any checklist for such a request? E.g. for information security they have a security questionnaire.
  • Qualitative and quantitative risk assessments

    What is the difference between qualitative assessment and quantitative assessment?
  • Proposal for ISO 27001 project

    I am in the process of putting in a proposal for the adoption of ISO27K (think ISO 27017/18, 2233) for a Hybrid Cloud Solution. I am tasked to put forward a High Level Document by the 22nd August; if you can email me any information I would be most grateful.