ISO 27001 & 22301 - Expert Advice Community

  • Assets valuation and the information classification policy

    Regarding 27001 information classification policy, if we are to implement the information classification policy using this purchased document, how are we to factor assets?
  • Gap analysis for ISO27001 and ISO 22301

    1 - Is the gap analysis for ISO27001 also usable for ISO22301?
  • ISO 27001 Annex A controls and the Statement of Applicability

    We have a new ISO27001 auditor who tells us that we must have all of the controls included in our SOA. We have excluded some controls, which he is now going to issue us a finding for not having them in place. Does ISO "require" that we include all controls?
  • Information Security Policy review

    Is it mandatory to make a new yearly version of the Information Security Policy if there are no changes in the scope?
  • RA and BIA in a single document

    Connecting RA and BIA in one place as those are both large documents
  • FFIEC business continuity Planning and ISO framework

    How does FFIEC business continuity Planning handbook tie to ISO framework?
  • Assets grouping and mapping of controls

    1 - In a group of offices which have the same set of asset classes (e.g., information and equipment), and use the same information systems, could we roll these up into 1 asset line for the purposes of the threat/vuln assessment and then assess the common risks and common threats as they will be the same?
  • Asset inventory question

    My question is how detailed this asset inventory should be. For example, the employees' laptops are in the scope, do I have to list in this sheet the laptop of each employee or is it enough to have a generic term "employees' laptops" and list the vulnerabilities and threats in this way? If I use a term like "employees' laptops" do I need to make a reference to a more comprehensive list that lists down all the laptops one by one?
  • Management Representative for ISMS 2013

    I was trying to look at your blog for (do I need MR appointment letter for ISMS 2013?) but unfortunately didn't find an answer, would you please let me know if it is required or not?