
ISO 27001 & 22301 - Expert Advice Community


  • ISMS and PCI DSS

    I am leading a team which is working on ISMS and PCI DSS certifications and implementing information security at our global office locations and data centers. I would love to know how an ISMS can be implemented in a quite complex and diversified organization.
  • First things in the ISO process

    In the ISO process, what are the first things you should look at? What I want to know is what will fall in line with top priorities, so you can create a flow chart and work from the most critically important to the less significant issues, and can you build upon each?
  • More information about the SOA

    More elaboration on SOA
  • Template for the context of the organization

    I have put in place the context of the organization and also listed the various interested parties. Now I need to write a procedure on how we collect feedback from these interested parties. Is there any template or example you can help me with so I can show this data?
  • Specific requirements about the qualifications of an internal auditor?

    As an expert in ISO 27001:2013, I would like to know the qualifications of someone who can conduct an internal ISMS audit. Must the person be ISO 27001:2013 certified? What is the requirement of ISO 27001 on this matter?
  • Best practice for residual risk?

    The product of Asset value, likelihood, impact and vulnerability is 36. After implementing a control, the residual risk drops to 12. Any best practice for considering such a number as an acceptable level of risk or not?
  • What if supplier refuses to apply security measures?

    In case suppliers refused to apply the required security measures during the ISO implementation (still no certification), how would that affect the certification process?
  • Initiating failover to the secondary site

    Once a major incident has occurred, at which point does the calculation to initiate the failover to the secondary site start, considering that at the time of the incident it may not be major, but the service is critical and the time for it to be brought up again is prolonged? As an example, with an RTO of 30 minutes, after what time from the incident occurring can these 30 minutes start, since the failover will also take 30 minutes once the decision is made?
  • Questions on Risk treatment table

    For Risk Treatment Table, do we need to copy all the risks from risk assessment table or only with high risk?
  • Benefits of risk management and ISO 27001

    In your view, what is the greatest cost-benefit of implementing risk management based on ISO 27001? Has this been statistically quantified in Spain, Europe, the United States, etc.?