ISO 27001 & 22301 - Expert Advice Community


  • Disaster

     a. Do you have articles available where you give your advice on how to define a disaster in a DR plan?
  • Asset management

     Concerning my query on Asset Management
  • ISO 27001 on a personal level

     I was interested to learn about ISO 27001 on a personal level, but it is a bit much for a small organization with no formal security, no compliance requirements, and no desire to add security.
  • Clause 7.2

     I noticed the article indicated that clause 7.2 is included in internal issues. Must I prove that the people involved in the implementation of the ISMS have the competence to perform these tasks, or should I just have evidence that training was given to all company employees to become aware?
  • Your organization and your customer

    Please, I would like to ask about ISO 27001. I have one doubt. For example, I am selling a SYSTEM. So, my customer has the whole infrastructure to support the SYSTEM that he bought from me: servers, storage, network. I just create and install the SYSTEM in the customer's environment. All management is the customer's own.
  • Implementation, maintenance and improvement of the ISMS

     What would be the resources for the implementation, maintenance and improvement of the ISMS and which document I must inform you
  • Risk Treatment Plan and Risk Treatment Process

    According to this article (Risk Treatment Plan and risk treatment process - What's the difference), the risk treatment plan has to set a responsible person. Is it the same person responsible for the risk that I determined in the risk assessment table?
  • Clauses and security controls

    Your statement of applicability starts with A.5 but your Mandatory Doc starts with a 4.X. Mandatory is 2013 but I am not sure the controls match up?
  • Identify Internal and External issues

     The standard requires that we identify internal and external issues that are relevant to the organization. According to ISO 31000 these factors could be cultural, political, financial, etc. But what about these factors I have to collect and what it can influence the information security?
  • How to write ISO 27001 risk assessment methodology

     Many thanks for your mail. I tried the first document template I ordered and I like it. I will try to convince my boss to buy the rest next week. We just started our project for implementing ISO 27001 in our company.