Information with different classifications
I'm doing policy review for ISO 27k. I'd like to know, is it wrong to relate the policy statement with the related SOP if both documents do not have the same classification?
Standards ISO 17799 and ISO 27001
I recently came across ISO 17799:2005 and noted it is also related to Information Security. I know ISO 27001 is what is widely certified by companies. Could you please advise me on the difference between both?
ISO 27001 clauses explanation white paper
Dear all, I am reading the document "Clause_by_clause_explanation_of_ISO_27001_EN.pdf" and the following question came up, in the Introduction, in paragraph 3, which I attach:
Risk Treatment and SoA
I have a question on ISO 27001 implementation. Do we need to address risk treatment for all the SoA items?
Change management
An update of a server wouldn't be a change under the ISO control "A.14.2.2 System change control procedures"?
ISO 27001 certifications
I listened to your webinar ISO 27001-LA, and was wondering whether this is a very good fit for me. I have been a professional for 26 years as a CPA, CIA, CISA and worked for years as an internal auditor on both the business and IT sides. I did several internal and external IT audits in the USA & GCC. Overall, I am a process re-engineering expert.
Books for ISO LA exam
Can you please suggest books to prepare for the ISO LA exam?
Information Security in Project Management
Example of how to implement A.6.1.5: Information Security in Project Management?
Information labelling
Can you tell me if our company needs to have our address information on both the Non-mandatory and mandatory documents or does it need to be just on the Non-mandatory?