ISO 27001 & 22301 - Expert Advice Community

Guest

Guest

Create New Topic As guest or Sign in

HTML tags are not allowed

Assign topic to the user

Assign
  • Setup of Governance, Risk and Security department

    I have been tasked to setup the IT Governance, Risk and Security department from zero and was wondering what approach to take to make it easy to adopt as well as practical being practical and allow me to introduce polices, guidelines to mitigate risks as I go along.

  • Which are the right ISO standards to use

    I would like your guidence in which standards are the right to use in respect of service continuity management. I find as well 27001 as 27301 and 27031 all relevant on top of 22301 for business continuity mgmt. Please let me know how you see which of these are most right to relate to as the primary - or if you find it relevant to look after more than one.

  • Reputation Management ISO product

    Question please, what is the status of the Reputation Management ISO product?

  • Closed the minor NC for last year

    Hi! I wanna ask something. What is the client already closed the minor NC for last year? However this year we still find the same issue. Is it minor or major?

  • How is the supply chain interrelated with business continuity?

    Como se interrelaciona la cadena de suministro con la continuidad del negocio y como generar el plan emergente durante la ruptura de alguno de los eslabones

  • ISO 27001

    I need an expand scope of applicable standards and international regulations, and a clear statement of the goal, the intended scope of the study, a clear calendar schedule, and each artifacts on international requirements on personal data protection, telecommunications, incident investigation.

  • Question about the ISO 27001 controls

     He comparado el clausulado de la norma ISO/IEC 27001 contra el clausulado utilizado en los documentos y he notado que no están desarrollados los 114 controles.

    El objetivo es documentar los 114 controles sin excepción, esto debido a que el resultado de la documentación a nivel 1 será revisado por una empresa del gobierno de mi país.

    (I have compared the clauses of the ISO / IEC 27001 standard against the clauses used in the documents and I have noticed that the 114 controls are not developed.

    The objective is to document the 114 controls without exception, this because the result of the documentation at level 1 will be reviewed by a company of the government of my country.)

  • BCMS objectives

    Give input to the Business continuity objectives for the ISO year 2021 for an organisation

  • License management Auditing

    Could you possibly point me in the right direction in ISO 27001 where I can find information about License management Auditing?

  • Integration of 22301 and 27001 - common policies

    We have already implemented ISMS in our organization and work on BCMS implementation. Is it a good idea to add selected BCM contents to existing ISMS policies? I mean to update create one main policy with general contents dedicated to IS and BCM (inc. context ect.) to have Information security and Business Continuity Policy - main document. Then one detailed policy for BCM and IS events, which clearly describes who and how manage such incidents. Our priority is to have one integrated system covering ISM and BCM, not two separated management systems. Thanks for your advice

Page 5 of 411 pages