ISO 27001 & 22301 - Expert Advice Community

  • Risk analysis for a pharmaceutical company

    Methodology for carrying out risk analysis of a pharmaceutical factory. What are the requirements for such risk analysis?
  • Get the certification

    We are in the middle of an ISO 27001 certification project and we have one technical question. We have developed 100% of the Risk Assessment, the SOA and the Risk Treatment Plan. Our SOA states that we need over 100 controls. We have implemented 60 until today. So, there are 40 controls planned to 2017 in the RTP. Can we get the certification now? Without those 40 controls, but they are planned?
  • IT experience

    I am new to this area and interested to master this domain. Can you please guide? I am Senior IT Engineer (network and telecom) and have 12+ years experience in IT/Comms / Data center projects.
  • From which country should the certification body be?

    I am now working in the process of getting ISO27001 certified. Now I wonder about how to select a certifying agency to do the certification. My company is in India and I would like to get certified by an agency in India. Would that be an issue if I get certified by an agency in another country (say Dubai)? Is that going to be of an advantage? Is it mandatory to have a company certified by the certifying authority in the same country?
  • ISMS scope for a Hospital

    How to identify the scope in a hospital environment? Is it possible if we choose the "security management of patient data" for the ISMS?
  • ISO 27017/ISO 27018 Implementation

    Hi, please I found some info related 27017/18 implementation where an ISMS 27001 is already implemented (but Cloud is not in the scope of 27001 certification).
  • Cloud Service Provider assessment considerations

    When writing a Cloud Service Provider Assessment Guideline based on CSA 3.0, what aspects should be considered?
  • Mapping all controls with risks

    Is it a requirement that every single control in the standard is mapped to at least one risk/vulnerability during the risk assessment phase?
  • Asset value

    Please guide me. How to determine the asset value? Is there any formula for that?