How do project teams complete BIA Questionnaire when their main role is 'supervision' of project execution and delivery carried out Contractors on site?
Taking confidential documents away from workplace
According to our "Information Confidentiality Classification Guideline". The Confidential and Top secret paper documents could be taken away from workplace for work purposes but with Authorization of information owner required.
Mail book in the Document Control Procedure
You talk of a "mail book" in the Document Control Procedure. Can you please give further clarity on this and if its mandatory? We don't really have any important log documents my small mail.
Storage of confidential documents
HI Dejan
We have key coded secure rooms within our office. Would it be ok to store information considered "Confidential" or "Restricted" within these rooms or would they need to be stored in locked filing cabinets?
Thanks
Operating Procedures for information and communication technology
Hi Dejan
Under your toolkit the "Operating Procedures for information and communication technology". Point number 4 Managing records based on this document states
"Reports and records related to monitoring and auditing suppliers/ partners - electronic and paper form"
I'm confused as to who we are supposed to audit and how we are supposed to audit them ?
Thanks
Information labeling; destruction of records
Regarding information labelling, will we need to have all our information labelled or is it ok if employees are doing it as a process going forward?
ISO 27001 or COBIT
I am planning to do ISO 270001. I have also heard about Cobit 5. Can you advise which one to do?
ISO 27001 and PCI-DSS
i got an question about iso27001 vs pci-dss and found no information. maybe you can tell me someting about it. if a company did the iso27001 and handle with ecommerce card infos, is it nessesary to implement the whole pci-dss? i mean, they are very similar and so double doings?!
Where to get ISO 22301
I want to know how to get ISO 22301 and how much it costs
Construction of Risk Analysis
For the construction of RA (Risk Analysis), as you do it, in my situation