ISO 27001 & 22301 - Expert Advice Community

  • ISO 27001 and ISO 22301

    1. Is there any comparison of clauses between both these standards as to which are the same and what percentage are different? I know these are different standards, but maybe you have a comparison in a blog?
  • 13.1.2 Security of network services

    I think I have just not understood what is required... My client's network is completely managed by a supplier... What should my client do to comply with this control?
  • Interested parties in the ISMS manual?

    Hello, I have added the interested parties in our ISMS manual under Context of the organization. I would need help on how to add a procedure on collecting feedback from interested parties. Can any of you help me by giving an example of how to prepare this procedure?
  • Audit in one location and continue in another location

    Is it possible to update the Risk Register after the audit has been performed in one location but is still expected in another?
  • ISMS and PCI DSS

    I am leading a team which is working on ISMS and PCI DSS certifications and implementing information security at our global office locations and data centers. I would love to know how an ISMS can be implemented in a quite complex and diversified organization.
  • First things in the ISO process

    In the ISO process, what are the first things you should look at? What I want to know is what falls in line with top priorities, so you can create a flow chart and work from the most critically important to the less significant issues, and can you build upon each?
  • More information about the SOA

    More elaboration on SOA
  • Template for the context of the organization

    I have put in place the context of the organization and also listed the various interested parties. Now I need to write down a procedure on how we collect feedback from these interested parties. Is there any template or example you can help me with so I can show this data?
  • Specific requirements about the qualifications of an internal auditor?

    As an expert in ISO 27001:2013, I would like to know the qualifications of someone who can conduct an internal ISMS audit. Must the person be ISO 27001:2013 certified? What is the requirement of ISO 27001 on this matter?
  • Best practice for residual risk?

    The product of asset value, likelihood, impact and vulnerability is 36. After implementing a control, the residual risk drops to 12. Is there any best practice for deciding whether such a number is an acceptable level of risk or not?