My company is allocated temporarily in another company. So the internet link, printer, switch and routers are shared; however, they are the property of that other company. Should I include these items in my inventory and scope?
SoA and mandatory documents
Category of assets
Measurement of the absolute risk
Hi friends,
Could you help me with the following question please:
To measure the absolute risk, is it necessary to evaluate the asset without protections or controls of any kind, or is it measured with the protections or controls currently implemented on the asset?
Which would be the best approach and why? Which do you use and recommend?
Thanks so much
Best regards.
Integrate policies
Currently I encountered one problem, which is that the "Policy" of an ISMS is quite high level, while for our day-to-day work we are following some kind of "SOP", which are much lower level with details. So my doubt is how can we integrate these 2?
Methodology based on ISO 27001 and ISO 27005
What's your methodology for risk assessment... CRAMM ... NIST 800-30?
Group of assets
Business Continuity Policy
Hi, I need a clarification on the ISO 22301 standard. I was going through the standard and found two terms: business continuity policy and business continuity management system policy. Are they the same or different? If so, what is the difference in the content?
Training and exam of Lead implementor
I found the training and exam of Lead implementor are conducted by BSI as well as PECB. Which one is preferred?
Competences in ISO 27001:2013
I have a question around the ISO 27001 transition. What do I need to demonstrate/document as competence? I haven't any formal qualifications. I have done CISA training but I never passed the exam.