For a company the conforming with ISO 27001 requests is enough for to be in law with REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL (General Data Protection Regulation) ?
ISO 27001 requirements for controls
I just want to check if ISO 27001 procedures require an immediate removal of IT staff's usernames when resignation? the IS audit manager at a local bank ? please note that, I mean the immediate removal before the notice period is done
Risk assessment
I have a question about Information security risk assessment – Risk analysis and evaluation [clause 6.1.2].
Information with different classification levels
I'm doing policy review for ISO 27k . I'd like to know, is it wrong to relate the policy statement with related SOP and both documents are not having the same classification
Information with different classifications
I'm doing policy review for ISO 27k . I'd like to know, is it wrong to relate the policy statement with related SOP and both documents are not having the same classification
Standards ISO 17799 and ISO 27001
I recently came across ISO 17799:2005 and noted it is also related to Information Security I know ISO 27001 is what widely certified by companies. Could you please advise me the difference between both?
ISO 27001 clauses explanation white paper
Estimados estoy leyendo el documento "Clause_by_clause_explanation_of_ISO_27001_EN.pdf" y me salto la siguiente duda, en la Introducción en le párrafo 3 que adjunto:
Risk Treatment and SoA
I have a Question on ISO 27001 implementation. Do we need to address Risk treatment for all the SOA items?
Change management
An update of a server wouldn't be a change under the ISO control "A.14.2.2 System change control procedures"?
ISO 27001 certifications
I listened to your webinar ISO 27001-LA, and was wondering whether this is a very good fit for me. I am a 26 years professional as a CPA, CIA, CISA and worked years as an internal auditor both business and IT sides. I did several internal and external IT auditing in the USA & GCC. Overall, I am a process re-engineering expert.