Hi. I have a question relating to ISO27001. Under an ISO audit, is it necessary to supply the assessor with a record of the router configuration?
Quick question, please. When doing an ISO 27001 asset-based risk assessment, do I keep the assets that have no impact on information security still in the risk assessment matrix, or do I only keep assets that have an impact on information security?
I am in the product and looking at the Project Plan tutorial. The plan looks like a big piece of work and I feel we are past the Plan phase. So my question is, is the Project Plan actually a requirement of the ISO implementation?
Can you please advise me how to define and formalize a top management involvement strategy?
If a customer has a business continuity disruption that affects the availability of information, must they log it as an InfoSec incident AND a BCMS Disruption? How should they go about assessing which system to manage it under?
In the example of the Risk Treatment Plan used in the ISO 27001 online training, there was mention of reference to risks like:
Risk no 16. Unavailability of electronic records due to accidental loss.
Risk no 32. Laptops could be stolen by external persons.
How do I get a list of these referenced risks and numbers?
The Ministry of Justice is requiring ISO27001 of the charities providing resettlement services, some as small as £100k turnover.
I have been asked, for tomorrow, to explain it to them. What are the key elements that I could explain in 5 minutes?
Looking online I see a lot about process and reports, not much about what technology they have to have in place.
Hope you can help!
What are the main challenges in the implementation of ISO27001?
Would you advise (is it viable), and what recommendations would you give, that during or after the design of the ISMS an application be developed to perform automated and adequate management and monitoring of information security, with traceability, when implementing an Information Security Management System (ISMS)?
How to inspire people for the new standard (their work is longer after ISO and they need to document doings, get tickets for passwords, have DLP, etc.)?