ISO 27001 & 22301 - Expert Advice Community

  • Annual auditing of controls

    1- Once a company has secured their ISO27K certification and is performing annual internal audits of the controls, is there any reason for them to pay for an annual exterior audit versus providing the internal audit results to the firm that provided the certification?
  • Do we have to use the control A.12.1.4 for all software development processes?

    Hello, we recently had a discussion within the software development team. As you know, control A.12.1.4 forces us to separate development, test and live fields. However, for some development tools, it is not possible to separate them. Also, some projects force us not to separate them all. In this situation, can there be an exclusion so that we do not implement this control? What can be the metrics for implementing and not implementing this control? Thanks for your help.
  • ISO 27001 implementation benefits

    Why is it important to implement the standard, and what are the consequences of not being certified?
  • IGSOC

    Do you have any IGSOC documents to help us in achieving the same?
  • ISMS maintenance

    I would like to know, since my company is certified, whether you have among your documents a guide to maintaining ISO 27001 certification.
  • Continual improvement verification

    As per my understanding, continual improvement is only indicated in clause 10.2 of ISO 27001:2013. But I think it is present throughout clauses 4 to 10 in one way or another. How can I draft a few questions from each clause and bring out evidence accordingly?
  • Business continuity management certification

    1 - Must we adhere strictly to the ISO 22301 methodology/framework before implementation can be certified as meeting the standard?
  • Organizational context identification

    My main 'job' is to find out where my organization stands and what they should do in order to get ISO27001 certified. Do you have any tips or directions or questions that I should keep in mind while trying to gather as much information about the company as possible?
  • ISO Internal auditor vs Certified internal auditor

    I'm currently busy preparing for my CIA exams. However, once I finish those I will definitely want to top that up with the ISO Internal Auditor certification. How recognized is it internationally compared to CIA (Certified Internal Auditor) and how much is the certification?
  • HIPAA Compliance

    This is my assignment: to find out whether Google Fit, S Health and Microsoft Vault comply with the HIPAA standard on security awareness and training. Could you kindly provide an answer to this question?