ISO 27001 & 22301 - Expert Advice Community


  • Conformio expert question about asset and access mgmt processes

    How does Conformio support asset and access mgmt processes?
  • A.14.2.7 - is a developer hired as a consultant considered outsourced development?

    We're a software development team of 3 persons. 2 of the persons are hired directly as employees in our company but the third developer is hired through his own company, which means that legally he is a 3rd party. BUT he only works with us for the time being, being supervised by the two other developers and in every other way working as if he was practically hired directly by us in our company. Is this considered "Outsourced development"? I mean it's not like we've engaged a large company to do the development for us. The only difference is that he is sending invoices to get paid while the two other developers are getting their salary as employees. So - is a developer hired as a consultant considered outsourced development?
  • Implementing 27001 or 22301?

    I'm rewriting the question for you, since it may have been poorly worded in the chat. For me, as a self-employed person who works in consulting, do you think it makes more sense for me to "implement for myself" 27001 or 22301? (I don't mean implementing it for others)
  • ISMS evidence

    As part of our support, I want to request some more explanation on the questions below related to ISO-27001:

    Evidence of Communication Plan for Communications Related to the ISMS
    Documented Management Review Process
    Evidence of the Results of the Management Reviews 

    Kindly provide more explanation about these requirements and which document templates map to them.

  • Submitting CAPA for NC on opportunities for Improvement

    I had a query. Can you kindly support me? Do we need to submit CAPA for NC on opportunities for improvement?
  • ISO 27001

    Dear, I need some clarification about the documents 5.1 and 5.2 of the ISO 27001. In the "Number" field, exactly what should be entered? Is a sequential number enough? Thank you in advance.
  • Which bodies are obligated to have ISO 27001 certification?

    Hello, I want to know which bodies are obligated to have an ISO 27K certification?

  • Audit Checklist

    I am currently reading through the Audit Checklist of your ISO27001 package.


    I am confused by the mixing of Business Continuity and IS Tasks.

    While there are many BC Questions that are irrelevant for my purposes, I am missing the entire section 8 of ISO27001.

    Also when adapting the BC Tasks for IS, I later find that comparable questions are stated in later sections. 

    Can you perhaps provide an updated Checklist with better focus on ISO27001?

  • Requirement of Clause 8.1

    Greetings! I already bought your 27001 kit, but I do not see where it addresses the requirement of Clause 8.1
  • Statement of Acceptance of ISMS Documents

    We're a fairly small organization with only a few employees and a handful of 3rd parties helping us out with sales, compliance etc. We have used the "Statement of Acceptance of ISMS Documents". Could that be sufficient for "awareness training"? I mean that they sign this after reading all the documentation? Or we could add a few questions related to the policies that they were required to answer when submitting the statement? Would this be sufficient? Or is it expected by the auditors that we've bought some online tool to manage this such as the awareness training you and other companies offer?