ISO 27001 & 22301 - Expert Advice Community

  • Scope and asset definition

    We are a small (3 person) professional services firm and a fundamental question regards the ISMS scope generally. We outsource all our IT services, including IT security and network management (local IT services company), as well as data and application services (cloud providers, such as Microsoft). We are having trouble deciding where to draw the line on scope.
  • Security in web applications

    1 - I'm trying to look for the best ISO norms for a web application that has a web server, DB, Firewall, application server. So if I try to write an IT Security concept for a web application, which norm should I use?
  • Risk treatment evidences

    With regards to the following in clause 8.3: "The organization shall retain documented information of the results of the information security risk treatment"
  • Scope definition

    I work in a company where the "main" asset is a software and its database. Can I set the scope only for the software's database or do I need to scope also the mechanisms that process that data?
  • Preparing for an audit

    I need to perform Live Auditing of an IT company. What things do I need to take care of?
  • Audit practices

    1) While doing Audit, should you test certain things (as follows) or just check the parameter setting only or check the process - for example -
  • Monitoring ISMS effectiveness

    At last, I have got an opportunity to implement ISMS in my organization. Though it is already implemented in a specific domain and now the scope is expanding. The first assignment I have is to develop a monitoring mechanism for monitoring of ISMS effectiveness. I need to work on KPIs and metrics to develop a dashboard sort of tool so I can present it to our management.
  • Human Resource Policy in toolkit

    Why isn't there a Human Resource Policy in the toolkit? I will need this Policy...
  • Course for certification

    What classes do I need to take to be able to certify my clients for ISO 27001? I would like to take that path so I can start certifying others.
  • ISO 22301 and ISO 22316

    1 - When will the new version of ISO 22301 be available?