ISO 27001 & 22301 - Expert Advice Community

  • Cyber Security - ISO 27001

    I note that within the new ISO 27002 Code of Practice, there are no controls for cyber security. With this in mind, would the mitigation of cyber security be addressed with network architecture kept under review and implemented, use of IDS/IPS with their configuration kept up to date for access requirements, firewalls maintained correctly, policies & procedures and maintaining a proactive posture?
  • Regarding ISMS certification and accreditation

    I've completed ISMS LA 2005 certification from BSI in June 2012. It is going to expire in June 2015. As of now, I can do only internal audit within an organization. May I know how I can get accreditation so that I can do external audit?
  • KPI for IT Disaster Recovery

    I was trying to define key performance indicators for our company's IT Disaster Recovery capabilities. Some of them I could find are as follows:
  • Information Risk Management

    How do I help/provide a professional consultancy service to a in a manufacturing industry on information risk management?
  • ISO 22301

    Could you please help me out in understanding the different types of DR sites, i.e. Cold, Split, Warm, Hot DR sites, in detail with examples? What are the main/key components of BCP plans?
  • Confidentiality of Government Information

    Our government requires its agencies to be transparent in providing information. One agency is adamant to implement ISMS because of this. How can they implement ISMS while remaining transparent?
  • 7.2 Competence

    According to Clause 7.2 Competence - ISO 27001-13: a) determine the necessary competence of person(s) doing work under its control that affects its information security performance; d) retain appropriate documented information as evidence of competence. For example, the competence of the CISO would affect its IS performance, so should it be recorded, and what type of information should be documented? Eagerly awaiting replies. Thanks, Itommy
  • Advantages/Disadvantages of Asset Based Risk Assessment

    Hi All, I find that many organizations have adopted an asset based risk assessment. I am concerned that many generic risks would be missed out. I would like to know your views on the pros and cons of Asset based RA. Many Thanks, Itommy
  • User profiles in Access Control Policy

    With regard to the Access Control Policy, do you recommend developing the user profiles in 3.2 and 3.3? Or would it be sufficient to describe generally the sorts of positions that get access to certain sorts of accounts?
  • ISO 17799/27001/27002?

    What is the difference between ISO 17799/27001/27002? Please do also throw light on COBIT.