Take the ISO 27001 course exam and get the
EU GDPR course exam for free

ISO 27001 & 22301 - Expert Advice Community



Create New Topic As guest or Sign in

HTML tags are not allowed

Assign topic to the user

  • Disciplinary actions

     In which document should we talk about disciplinary actions (or penalties) if the ISMS is violated by an employee? Is this point covered in a template provided?
  • Big asset inventory

     Our approach is to prepare asset inventories per department/section. Currently, the asset owners are finishing this exercise and some have already sent the inventory files back to me for reviews.
  • Lograr la certificacion en la norma ISO 22301

     Buen dia estimado , me podrian indicar cuales serian los lineamientos que necesita una organizacion ( grande o pequeña) para lograr la certificación en la norma ISO-22301
  • Purchase the ISO 27001 standard

    I am certified ISO 22301, and i have the hard copy. where can i find soft copy for ISO 22301 ?
  • What is the ISO 27001 standard

    I need your help in what are the standards of ISO security?? I mean for example if you want to do security to your computer..one of thing you will do assign for a strong password... My question is ..what is the reference in ISO....How i got that reference
  • Scale of BIA to determine RTOs and RPOs

    I have question regarding the scale of BIA to determine RTOs and RPOs:
  • Aspects in A 14.2.5

    Secure system engineering principles)Can you help me to understand some aspects in the A 14.2.5 of ISO 27002:2013   1. Does the mentioned clause refer to just software development or to the large information system design?   2. What are the main aspects of the clause and how the organization should implement the requirements of this chapter?   3. How the implementation of above mentioned clause can be checked by an auditor and what will be the evidence of implementation of requirements?   Thanks, Aram Arekhtsyan IT Security Specialist
  • Seguridad de la Informacion en la Gestion de proyectos

     Tengo una inquietud,  frente  al control nuevo de esta norma : 6.1.5. Seguridad de la Información en la Gestión de  Proyectos.
  • Impact in the ISO 27001

     1. When we say impact of a threat do we mean the impact on the user of the asset or the organization?
  • Information classification

     We have an ongoing discussion at the work place about the difference between 2 classifications : CUG: closed user group and confidential.