ISO 27001 & 22301 - Expert Advice Community

  • Estimating the price for risk assessment

    I am facing a difficulty in estimating the price for risk assessment to a client with 600 employees divided into 3 branches. They are primarily interested in checking the roles and responsibilities of their IT/security department, the processes, and performing the asset-based risk assessment. What are the criteria based on which you charge the clients? What should be the average price per user, price per computer, or how do you do it?
  • Business Continuity or Disaster Recovery?

    Which out of Business Continuity or Disaster Recovery is an absolute must have?
  • Certification that better suits a Health Maintenance Organization

    I would like to know the certification that better suits a Health Maintenance Organization (health insurance company).
  • Indicators and ISO 27001

    I want to know how to get the indicators for assessments of ISO 27001. I wonder if there are ways to carry out assessments and obtain a diagnostic?
  • Examples of different types of assets

    I am worried about assets and whether I have included them all. Do you have any information that gives me examples of the different types of assets (physical and information) and what assets come under those headings?
  • Differences between ISO 27017 and ISO 27018

    Can you please explain the difference between ISO 27017, ISO 27018 and the document controls and assurance in the cloud using COBIT 5.
  • People as single point of failure

    I request your advice: for a finding of PEOPLE AS SINGLE POINTS OF FAILURE, what would be the suitable ISMS control?
  • Issue-based risk assessment?

    Is it necessary to conduct an issue-based risk assessment for ISO 27001? I read on this site that it is OK to have an asset-based risk assessment, but when I see clause 6.1.1 of the standard, I am getting confused.
  • Defining the scope

    Defining ISMS. We are a ********* company and we have clients in the UK requiring us to be ISO 27001 compliant and certified. We are potentially targeting a 3rd party data center in the UK where we rent rack space as well as one of our local offices. I am wondering if we should define the scope further down to one particular system we use to support client data or scope the data center (multiple systems) and one of our locations.
  • To be compliant, what is the minimum to be done?

    As the first step, we want to be an ISO 27001 compliant organization, and then later get a certification. To be "compliant", what is the minimum that we will need to do?