I am responsible for audit and compliance in my organisation. Each month, all teams report their KPIs to senior leadership. For example, incident mgmt. will report on the number of major incidents; change mgmt. on the percentage of successful changes. What can I report? Number of audits (9001, 22301, 27001, 14001, customer audits)? Volumes of NCs, OFIs?
Balanced scorecard
Let me know if there is any ISO standard referring to the balanced scorecard.
Guide for defining the scope
I would like to have a guide for defining the scope. Although I have the ISO 27003 guide and ISO 27001, I don't know how to write it, how to capture the requirements, and what should go in the context. How can I structure it?
Information assets
Who determines what constitutes an information asset for ISO 27001 compliance? I am battling within my organisation ... I define information assets as all information we care about, including IT equipment and physical information.
KPI and metrics
Are there any KPIs/metrics that can be measured and reported directly on ISO 27001 or 22301?
Auditing a server
I want to know how the auditing of servers, Active Directory, backups, change management and patches happens while we audit the ISMS.
Multi location
What is a multi-location split of a project?
Making the transition from 2005 to 2013 revision of ISO 27001
Say the company has ISO 27001 already and wants to update to the 2013 version - is this done with the assessing body, and is there a seminar that covers this on your course?
Contents of the Risk assessment report
Can you confirm if the Risk Assessment Report should contain all the results of the risk assessment (i.e. acceptable risks and non-acceptable risks), based on the risk values that have been deduced? And the risk appetite of the business?
Risk assessment for ICS or SCADA?
Is there any specific risk assessment for ICS or SCADA? NIST 800-82