
ISO 27001 & 22301 - Expert Advice Community


  • Balanced Scorecard

    My question is whether there is any ISO standard related to the Balanced Scorecard.
  • Policy Applicability Questions

    If an organization has its physical data center at another location with a private hosting group, would the controls for physical perimeter security and data center security come into play? Kindly share the justification as well.
  • Information Classification Questions

    1. Whose responsibility is it to enter information assets into the asset inventory? As the Information Security lead, should that be facilitated by me?
  • Number of not applicable controls in statement of applicability

    Dejan, after two stage 1 audits for two companies I feel rather confused, because I excluded almost fifty percent of the controls in Annex A, and the auditor considered this a problem to fix. Is it mandatory to apply almost one hundred controls? The two companies chose the controls to apply after the risk assessment process, and defined as not applicable those for which there was no risk to treat or no requirement by interested parties.
  • Various IT audits to an organization

    An organization has information assets that include network, security, and application assets. What are the various types of audits that can be recommended to the organization from scratch to cover the compliance level? TIA
  • What does 'Managing records kept on the basis of this document' mean?

    Can I check what section 4 usually holds in each of the documents - "4. Managing records kept on the basis of this document"?
  • Mobile device management for ISO 27001 implementation?

    How can MDM (mobile device management) help to implement ISO 27001?
  • Risk assessment - threats related to top management

    I am in the process of completing the Risk Assessment table. Can you give me examples of the types of threats that top management could pose in a very small company (5 people)?
  • Implementation and certification support

    What certification/accreditation does a company that provides certification support need to have?
  • Frequency of the internal audit

    Is there a best practice for timing the process review component of ISO 27001? For example quarterly or annually?