ISO 27001 & 22301 - Expert Advice Community

Home / ISO 27001 & 22301

Discussions

Top Contributors

Rhand Leal

Carlos Pereira da Cruz

Dejan Kosutic

Most Popular Tags

Product: Conformio Product: ISO 27001 Documentation Toolkit Product: ISO 13485 & MDR Integrated Documentation Toolkit ISO 27001 Product: ISO 27001 & ISO 22301 Premium Documentation Toolkit Risk Assessment ISO 9001 Product: ISO 13485 Documentation Toolkit ISMS Internal Audit register of requirements Product: ISO 27001/Risk Assessment Table Product: ISO 27001 & ISO 27017 & ISO 27018 Cloud Documentation Toolkit Product: ISO 27001 Internal Auditor Course Product: EU GDPR Documentation Toolkit

Sort by:

Select

CREATE NEW TOPIC +

Guest

Guest

Create New Topic As guest or Sign in

Business department* About business* Organization size*

Title *

Body *

HTML tags are not allowed

Category *

Select

Tags

Name *

Email *

I accept the Privacy and Terms

Notify me when someone replies

Assign topic to the user

Select user

Is ISO 27001:2013 consistent with HLS?
Is ISMS 27001:2013 consistent with HLS structure?
¿Se tienen en cuenta los activos en ISO 27001:2013?
En ISO 27001 version 2013 se tiene en cuenta los activos para evaluar los riesgos, o se evaluan directamente los riesgos sin hacer un levantamiento de activos previo?
Including employees in the inventory of assets
I need to ask about the inventory of the assets. It says I need to copy the assets from Risk Assessment Table. In Risk Assessment Table, I had mention employees also as an asset. So, in Inventory, do I need to mention employees too?
Security controls for E-Commerce?
1.Is there any clause in ISO standards which talks about security protocols in E-commerce...?
Security policy for thousands of employees
I would like to ask how to ensure that an existing security policy is well enforced in a company?
Questions about the backup policy
We store all our data in secondary back up, actually TWO secondary back ups, for just in case.
Are confidentiality level and change history mandatory in all documents?
Is Confidentiality level and Change history table in the Document and record control procedure applied only to ISMS documents or to all documents and procedures in organization?
Stage 1 and stage 2 for the internal audit?
Is it usefull to perform a Stage1 for internal audit before Stage 1 third party audit, in order to assess that documented information be complete and managed in a compliant way?
ISO 27001, COBIT and SOX
When is ISO 27001 is used and when are the compliance considered like SOX, COBIT etc. ?
ISO 27001 and massive companies
I am trying to find a solution to documenting new procedures and policies for a massive company.. in particular the risk department. At the moment there is nothing in place what so ever.... So i will have to work from the beginning on what is happening and where are the shortfalls. In order to find improvements which are documented. I need to start from scratch