ISO 27001 & 22301 - Expert Advice Community

  • Information and Cloud security policies

    Can you please explain the difference between Information security policy and cloud security policy?
  • Internal audit

    1. Do you have an anonymised example for the annual internal audit program? I am looking to see how much information is needed.
    2. Also when considering who performs the internal audits – do they have to be certified to do so?
  • Identifying Legal Requirements

    1 - How do I define the List of Legal Regulatory Contractual and Other Requirements? I read all the articles about it, but I still don't know how to define it. There's also no video tutorial on how to identify these requirements.
  • Qualitative and quantitative risk assessment

    What is the difference between qualitative and quantitative risk assessment? Please describe with an example…
  • Risk calculation and implemented controls

    I am working on a risk assessment and am confused by one thing. When I determine likelihood vs impact, should I determine those based on a total lack of controls or based on the controls we have in place currently?
  • Risk Assessment

    What is the difference between qualitative and quantitative risk assessment? Please describe with an example...
  • ISO 27001 roles

    1 - Can I replace {job title} with Senior Management in some cases?
  • Risk assessment

    Should I include threats/vulnerabilities for which I've already implemented controls? For example on an internal application say the threat is data loss and the vulnerability is a dependence on a single server for this application. I have backups, which we consider to be properly de-risking, but should I list this in the risk assessment just to have it documented?
  • ISO 27001 certification and training

    1 - Information about the ROADMAP of the ISO 27001 Certification
  • Interview about ISO 27001

    I am pursuing an MS in Cyber Law and Information Security and I want to know what types of questions are asked related to ISO 27001 in an interview?