ISO 27001 & 22301 - Expert Advice Community


  • In which step of ISO implementation to write documents

    I have a query and am not very clear on this. Please tell me in which phase or step of ISO implementation we write all the policies and procedures. Is it during scope creation, during risk assessment, or during control implementation? Can you please explain why it is better to create policies during that specific stage, e.g. if created during the scope stage, and explain with the help of an example?
  • Management in ISO 27001 / ISO 22301

    Dear Sir, I need Management in ISO 27001/22301, I want to learn Management.
  • Risk analysis for a pharmaceutical company

    Methodology for carrying out risk analysis of a pharmaceutical factory. What are the requirements for such risk analysis?
  • Get the certification

    We are in the middle of an ISO 27001 certification project and we have one technical question. We have developed 100% of the Risk Assessment, the SOA and the Risk Treatment Plan. Our SOA states that we need over 100 controls. We have implemented 60 until today. So, there are 40 controls planned for 2017 in the RTP. Can we get the certification now? Without those 40 controls, but they are planned?
  • IT experience

    I am new to this area and interested in mastering this domain. Can you please guide me? I am a Senior IT Engineer (network and telecom) and have 12+ years of experience in IT/Comms/Data center projects.
  • From which country should the certification body be?

    I am now working on getting ISO 27001 certified. Now I wonder how to select a certifying agency to do the certification. My company is in India and I would like to get certified by an agency in India. Would it be an issue if I get certified by an agency in another country (say Dubai)? Is that going to be an advantage? Is it mandatory to have a company certified by the certifying authority in the same country?
  • ISMS scope for a Hospital

    How to identify the scope in a hospital environment? Is it possible if we choose the "security management of patient data" for the ISMS?
  • ISO 27017/ISO 27018 Implementation

    Hi, please, I found some info related to 27017/18 implementation where an ISMS 27001 is already implemented (but Cloud is not in the scope of the 27001 certification).
  • Cloud Service Provider assessment considerations

    When writing a Cloud Service Provider Assessment Guideline based on CSA 3.0, what aspects should be considered?
  • Mapping all controls with risks

    Is it a requirement that every single control in the standard is mapped to at least one risk/vulnerability during the risk assessment phase?