ISO 27001 & 22301 - Expert Advice Community

Home / ISO 27001 & 22301

Discussions

Top Contributors

Expert

Rhand Leal

4151
Discussions
Expert

Carlos Pereira da Cruz

1915
Discussions
Expert

Dejan Kosutic

365
Discussions

Most Popular Tags

Product: Conformio Product: ISO 27001 Documentation Toolkit Product: ISO 13485 & MDR Integrated Documentation Toolkit ISO 27001 Product: ISO 27001 & ISO 22301 Premium Documentation Toolkit ISO 9001 Risk Assessment Product: ISO 13485 Documentation Toolkit ISMS Internal Audit register of requirements Product: ISO 27001/Risk Assessment Table Product: ISO 27001 & ISO 27017 & ISO 27018 Cloud Documentation Toolkit AS9100 Product: EU GDPR Documentation Toolkit
Select
CREATE NEW TOPIC +
Guest

Guest

Create New Topic As guest or Sign in

HTML tags are not allowed

Select

Assign topic to the user

  • Information security career

    What are the career prospects and which is the right path to learn information security?

  • Information security policies

    I have a question about the templates. There is a template in folder 04 called Information_Security_Policy, but this document appears to be the Information Security Management Policy. It is similar to the policy explained in the tutorial "How to write the ISMS Policy according to ISO 27001," and it appears to be a higher level document. I am unable to locate the more in depth Information Security template. Is that included somewhere within the toolkit?

  • Security on social networks

    Como proteger e impedir o vazamento da informação pelas redes sócias?

  • Support material for online courses

    Is it possible to become certified with taking this course alone? Is it necessary to buy the ISO books?

  • Scope and asset definition

    We are a small (3 person) professional services firm and a fundamental question regards the ISMS scope generally. We outsource all our IT services, including IT security and network management (local IT services company), as well as data and application services (cloud providers, such as Microsoft). We are having trouble deciding where to draw the line on scope.

  • Security in web applications

    1 - Im trying to look for the best ISO norms for a web application that has a web server ,DB, Firewall ,application server . So if i try to write an IT Security concept for a web application which norm should i use ?

  • Risk treatment evidences

    With regards to the following in clause 8.3: "The organization shall retain documented information of the results of the information security risk treatment"

  • Scope definition

    I work in a company where the "main" asset is a software and its database. Can I set the scope only for the software 's database or do I need to scope also the mechanisms that process that data?

  • Preparing for an audit

    I need to perform Live Auditing of IT company what things i need to take care.

  • Audit practices

    1) While doing Audit, should you test certain things (as follows) or just check the parameter setting only or check the process - for example -
Page 377 of 544 pages