ISO 27001 & 22301 - Expert Advice Community

  • Checklist during an internal audit

    Can an external auditor raise a nonconformity for not having a checklist during an internal audit?
  • Scope of an ISMS

    Hello, I am planning the activities required to implement the ISMS. My question is this: the company I work for has outsourced IT, that is, all of the company's information is stored and processed in the provider's data centers; likewise, this provider in fact provides all support to the business: database administration, systems maintenance, problem resolution, networks, etc. Where I work is a small company that only has a communications room, so in this respect my control extends only as far as a router; from there the information flows to the provider. My question is: in the scope, should I only list that router within a section on connections and interfaces, or should I include the provider's facilities?
  • Problems with very narrow ISMS scope

    I have a question on ISO27001 scope I was hoping you could help me with.
  • Developing a cryptography policy

    Could you please send me some tips on developing the cryptography policy with respect to ISO 27001:2013. We need to apply this domain in our environment hence.
  • PII and free text fields in information systems

    Regarding data protection – if there was a free text field, is there the risk of PII being invoked?
  • ISO 27018 and EU PDPR

    Concerning data protection policy according to EU GDPR, while formal ISO 27018 certification is not a goal (the goal is to go for 27001, but bring in parts of 27018 as appropriate), can 27018 portions help better formulate this policy?
  • Document labeling

    Let's say the organization has a confidential document, is it mandatory to have document labeling (in header or footer) on each page?
  • BYOD policy

    Would like to know about BYOD policies and their compliance with ISO 27001.
  • Combining ISO 27001 and ISO 9001 risk assessment

    How can we combine the risk register of ISMS to QMS Risk Clause (6)?
  • Getting ISO 27001 certified in Peru

    I would like to know where one can get certified in the ISO 27001 standard here in Peru.