ISO 27001 & 22301 - Expert Advice Community

  • RA and BIA in a single document

    Connecting RA and BIA in one place as those are both large documents
  • FFIEC business continuity Planning and ISO framework

    How does the FFIEC Business Continuity Planning handbook tie to the ISO framework?
  • Assets grouping and mapping of controls

    1 - In a group of offices which have the same set of asset classes (e.g., information and equipment), and use the same information systems, could we roll these up into 1 asset line for the purposes of the threat/vuln assessment and then assess the common risks and common threats as they will be the same?
  • Asset inventory question

    My question is how detailed this asset inventory should be. For example, the employees' laptops are in the scope; do I have to list in this sheet the laptop of each employee, or is it enough to have a generic term "employees' laptops" and list the vulnerabilities and threats in this way? If I use a term like "employees' laptops", do I need to make a reference to a more comprehensive list that lists down all the laptops one by one?
  • Management Representative for ISMS 2013

    I was trying to look at your blog for (do I need MR appointment letter for ISMS 2013?) but unfortunately didn't find an answer. Would you please let me know if it is required or not?
  • ISO20000 and ISO27001 documentation

    1 - Can some documents state that their scope covers both ISO20000 and ISO27001?
  • Performing Risk Assessment and Treatment

    1 - I am filling out the Risk Assessment and Treatment Methodology document in the documentation toolkit. I have already listed out all the assets and their threats, vulnerabilities, and owners. My question is on filling out the risk criteria, specifically the likelihood. Do I take the existing controls into consideration for determining total risk?
  • Continuing Professional Education (CPE) and ISO 270001

    How many CPEs come with completing the ISO 270001 continuing professional education?
  • Documenting the control A.17.1.2

    According to your page https://advisera.com/27001academy/knowledgebase/list-of-mandatory-documents-required-by-iso-27001-2013-revision/ Business continuity procedures (clause A.17.1.2) / Implementing information security continuity is mandatory. On what page(s)/text of the ISO 27001 standard can you find this reference?
  • PCI DSS documents and standards

    1) From where to get PCI DSS documents and standard?