I want to know about risk management in BCMS & ISMS. I want the differences between both risk management techniques.
Validate documents
I want to know if you can help me to validate, if my policies are correctly aligned to ISO 27001?
Laws, regulations and ISO 27001 / PCI-DSS
Information security and BCM/BCP strategies
Does your documentation toolkit below consist of information security and BCM/BCP strategies?
Security risks dealing with suppliers
This may sound a little odd a question at this stage of the implementation, but how do we get to what is a security risk in the first place when dealing with suppliers etc.? How can this be done specifically?
Policy for mobile device/teleworking, NDAs and metrics
Acceptable use of assets
How to define an acceptable use policy for "human assets"? If it is a UPS or a laptop it is easy to define, but what if it is the human resource? Please help me on this.
Risk Assessment vs Incident Management
We've received the following questions:
1. I would like to know the difference between Risk Assessment and Incident Management.
2. During risk assessment, we consider Disaster as a risk; how can it become an incident later, even if it was identified earlier?
Answers:
1) Risk assessment is a process where you try to identify all the potential security breaches that might happen in the future. Incidents are the risks that have materialized, i.e. the real breaches that have happened; incident management is a process for managing incidents.
2) Disaster itself is not a risk, it is a threat; it can become an incident if you didn't implement all the security controls to prevent such an incident.
Exclusion of controls
Which controls from Annex A can be excluded, if my organization: