ISO 27001 & 22301 - Expert Advice Community



  • Information Security Aspects of Business Continuity

  • Applicability of ISO 27001 procedures in scope with multiple departments

    1. If there are, say, 2 business units A & B in the ISMS scope. On risk assessment it was found that A requires a specific control to mitigate a specific risk (e.g. backup of its systems to maintain business operations in the event of a disaster). So a standard or policy has been written up that states that requirement. But the standard or policy states the scope is the scope defined in the scope document. And the scope document says both A & B are included. So the question is, does that control requirement apply to only A or all units?

  • ISO 9001 and ISO 27001

  • ISO 27001 Requirements

  • Accept the risk

  • Awareness for an IT team

  • Doubts about A.14.2.5

  • External CISO

  • Security Manager Position

  • Firewall and suppliers

  • ISO 27001 courses for beginners