ISO 27001 & 22301 - Expert Advice Community

  • Disaster vs. Incident

    What is the difference between an incident and a disaster? Can you give some examples of both of these?
  • If I do pen test, which controls from Annex A can be covered?

    As there are more than 100 controls in ISO 27k, which of those can be covered by performing penetration testing? So if I do a pen test, which controls from the 100+ can be covered?
  • Implementing ISO 27001 in an SMB start-up company

    If possible, I would like to know more about an SMB start-up company implementing this standard and how important it is for them.
  • ISO 31000 and ISO 27005

    If an organisation complies with ISO 31000, does it also comply with ISO 27005 or not?
  • How to match ISO 9001:2015 with ISO 27001?

    How to match ISO 9001:2015 with ISO 27001?
  • Scope of the internal audit

    I’m trying to figure out how to write the scope for each standard that we are doing for our internal audit. What components need to go in it?
  • How many times to list an asset on the risk assessment table

    I have just watched the video on how to prepare the risk assessment table. When preparing the risk assessment table, does every single asset in the organisation need to be listed, or each type of asset? For example, if there are 10 laptops and 100 desktop computers, should there be 110 assets listed on the risk assessment table, with all 110 having their own set of threats and vulnerabilities, or should I list 2 (1 for the laptops and 1 for the desktop computers), so there are 2 sets of threats and vulnerabilities, one for each 'type' of asset? Thanks
  • Certify ISO 22301 methodology?

    I do have one question though: as a former auditor, have you come across an organization that only wanted to certify their ISO 22301 methodology? From what I understand, it's the whole company that is being certified. In other words, could an auditor certify just a process (e.g. BCP)/methodology being used to implement BCP?
  • How detailed should the risk assessment be?

    1) Does the risk assessment need to be so detailed?
  • Is ISO 27001:2013 consistent with HLS?

    Is ISMS 27001:2013 consistent with the HLS structure?