ISO 27001 implementation and certification and ISO 9001
Step-by-step ISO 27001 implementation and certification, if we already have ISO 9001:2008 certification
Residual risk
1 - How to evaluate the residual risk after some of the action items have been completed?
Risk standards comparison
I'd be interested to hear any useful comparisons to other risk standards such as FAIR or OCTAVE.
ISO 27001 and COBIT 5 relationship
I still need to know the relationship with COBIT 5. Must we implement both?
Are residual risks mandatory?
Regarding the residual risk review (after controls applied) – does this have to be done for the standard?
ISO 27001 implementation
1) What to expect from consultants who help us implement the ISO 27001?
Impacts of EU GDPR
1 - Have companies been penalised under EU GDPR legislation? If yes, which are those companies and what fines were imposed on them?
Risks identification and treatment
Considering this example: we have our own server (in-house), but we are also using external technical support for patches and incident management by providing remote access. How to best address the problem of unauthorized access to data, potential breach of data protection, and breach of confidentiality?
Defining BCMS scope
If we are a small to medium-sized company, can we implement ISO 22301 (BCMS) only for the IT department? Or do we have to implement it in all company departments?
Threats identification
I have a computer as an asset (note: no data/information is stored on it; we use shared folders). What are then the threats? Only the loss of the device? Or malfunction of the system, fire?