Guest
Guest
Create New Topic As guest or Sign in
Assign topic to the user
-
Controls implementation, SoA and audit
Will it be the expectation of our auditor that all of the controls deemed in scope for the SoA will be in place for the stage 1 and 2 audits? Or is there some timescale allowed that controls are implemented during the process? -
How master ISO 27001
How to master ISO 27001:2013, what is the reading methodology.. Please guide -
Risk process outputs sample
I have purchased your toolkit and it is has been very helpful. I am in the process of implementing ISO 27001 in our bank. What will be of great help to me is a sample risk identification, risk assessment and risk treatment for a bank. I am having a hard time with these processes. -
ISO 27001 certification
1 - Can you please advice about the correct pat to follow, and how to get the certification for my services? -
Internal Audit Checklist
1 - On Appendix 3 – Internal Audit Checklist for ISO 27001 and ISO 22301 there is evidence column to fill. Based on document template, what can we fill on there column? -
Security in SDLC
Are any ISO policies directly related to SDLC (requirements, plan, design, code, test, release) ? We want security testing built into the SDLC. Is it the A_14 Secure Development Policy? -
ISO 27001 implementation project
Hi, I would like to create a project so it is clear for the company which steps they have to take and what they should do to get ISO 27001 certified. Can you help me with this? -
Risk Assessment and Treatment
1 - For the Risk Assessment and Treatment report, do all of the identified risks have to be resolved/completed prior to certification or does having a timeline of completion okay. -
Sensitive data back up
If you are in a diagnostic lab environment where you DO NOT want to back up customer sensitive data sent to you for troubleshooting and all systems are not production, is not doing a back up ok? We have an ondemand Virtual Machine environment that truly does not need back up.