What are the pros and cons between the certifications of lead auditor and CISA?
SoA and outsourced IT
Given our reliance on third party IT, should we include controls they use on our behalf (such as malware detection or logging) in our list of controls for purposes of the Statement of Applicability? They are certainly in place but we do not implement or control them, so we are not sure if they should be in our SoA.
Defining scope
I have completed the ISO 27001:2013 Foundations Course. In my attempt to implement what I have learnt, I encountered some issues. I am trying to define the ISMS scope for a small eshop company (about 50 employees). From my point of view, I think I should include in the ISMS the employees, the IT department, the Sales department and the accounting office and exclude the customers and logistics partner.
Audit resources and BCM material
We received this question:
CMMI toolkit
1- I am looking for CMMI Toolkit. Your web site does not offer any?
Knowing ISO 27001
I'm sorry to be bothering you, but I really need to make a decision and so if I could count on your help it would be very good.
Communication template in ISO 22301 Toolkit
I could not find the communication plan template. Can you please share this?
ISO 27001 and Artificial Intelligence
Currently, I am working with a Consultancy Company that is developing AI Inside Threat Intelligence and would like to know the following.
Implementation steps
What is the first thing that must be done within an organization to implement the ISO 27001:2013 standard?
Evidences for policies and controls
What logs and what forms and what records do I need for each policy and its control?