Is your SOA template aligned with 27001:2005, 2013 or perhaps it doesn't actuall matter?
Risks involved in going full ISO compliant
Could you please inform me more of Risks involved going full ISO compliant?
ISMS Policy and Objectives
I need to write a new policy called " ISMS Policy and Objectives". What does this policy contain? Is this necessary? Is this different from ISMS policy?
Security controls
Interested party
Análisis de riesgos en un Data Center
Mucho gusto. Agradezco la oportunidad que brindan a través de sus servicios. Deseo saber si puedo abordarles ya que estoy haciendo mi práctica profesional. El reto propuesto es medir los riesgos en el Data Center de la Empresa Gestión sobre la cual no tengo experiencia previa y casi ningún conocimiento al respecto. Necesito Ayuda.
Operation and practices documented
If the operation and practices are in place but it is not documented, then how to rate that risk, High medium or low
Implementacion ISO 27001
Me ha sido de gran apoyo toda la documentación y correos enviados; te platico que nosotros estamos en México y deseamos certificarnos en ISO 27001-2013, necesito saber en qué me pueden apoyar (Implementación, cursos, norma, certificación, etc) y cuál es el costo.
Does all the Policies and procedured need to be in Word/PDf format?
Does all the Policies and procedured need to be in Word/PDf format?. I am right now preparing a communication policy. As per ISO 27001, commuication policy should define who, wat, when and how to comunicate. Can i maintain all these in the excel file, just like shown below. Will that be accepted as a policy? or is there a better way....
What to Communicate
When
To Whom
How
Who shall Communicate
Records
Owner
Internal Audit Plan
As per the periodicity defined in IQA
PL's
eMail
SQA
Internal Audit Records
SQA