ISO 27001 & 22301 - Expert Advice Community



Create New Topic As guest or Sign in

HTML tags are not allowed

Assign topic to the user

  • Is it necessary to supply the assessor with a record of the router configuration?

    Hi. I have a question relating to ISO27001. Under an ISO audit, is it necessary to supply the assessor with a record of the router configuration?

  • ISO 27001 Asset-based risk assessment

    Quick question, please. When doing an ISO 27001 Asset-based risk assessment, do I keep the assets that have no impact on information security still in the risk assessment matrix or do I only keep assets that have an impact on information security

  • Project Plan

    I am in the product and looking at Project Plan tutorial. The plan looks like a big piece of work and I feel we are past the Plan phase. So my Question is, is the Project Plan actually a requirement of the ISO implementation?

  • Define and formalize a Top Management involvement strategy


    Can you please advise me how to define and formalize a top management involvement strategy?

  • Information Security Incident or Business Continuity Disruption

    If a customer has a business continuity disruption that affects the availability of information, must they log it as an InfoSec incident AND a BCMS Disruption?  How should they go about assessing which system to manage it under?

  • List of referenced risks and numbers

    )n the example of the Risk Treatment Plan used in the ISO 27001 online training, there was mention of reference to risks like:-
    Risk no 16. Unavailability of electronic records due to accidental loss.
    Risk no 32. Laptops could be stolen by external persons.
    How do I get a list of this referenced risks and numbers?

  • Key elements of ISO 27001

    he Ministry of Justice is requiring ISO27001 of the charities providing resettlement services, some as small as £100k turnover.

    I have been asked, for tomorrow, to explain it to them. What are the key elements that I could explain in 5 minutes?

    Looking online i see a lot about process and reports, not much about what technology they have to have in place.

    Hope you can help!

  • Main challenges in the implementation of ISO 27001

    What are the main challenges in the implementation of ISO27001?

  • Information Security Management System

    Aconsejaría (viable) y que recomendaciones daría durante o posterior al diseño del SGSI se desarrolle una aplicación para realizar una gestión y seguimiento automatizado y adecuado de la seguridad de la información, con una trazabilidad al implementar un Sistema de Gestión de Seguridad de la Información (SGSI)?

  • How to inspire people for new standard?

    How to inspire people for new standard (their work is longer after iso and they need to document doings, get tickets for passwords, have DLP etc.etc.)

Page 8 of 411 pages