Please select user.Assign
There are no topics yet.
I know that generally the Justification for selection a control can be a risk, Top management solution, or legal requirement.
Can Justification also be "Best practices in IT", or "IT Management decision"? Or it must be one of the 3 mentioned above?
Thanks for this. Is there any where that I can get this information online while waiting for your webinar?
I have an urgent need to define the scope for one of my potential client but I can not wait until your webinar on the 16 Dec.
Appreciate if you can share some on-line references for the similar topic.
I noticed from the Advisera blog that there had been a significant increase in the numberof organisations certifiying to ISO 28000 (Information Security in Supply Chain). Does anyone know why this might be? II've filed this under ISO 27001 as that's the closest standard, I think)
1. How long can the background preparation stage for ISO 27001 Certification take?
2. Can I make my own assessment in this regard without consulting the policies, regulations and expectations of the company directors?
Quick question regarding the toolkit, there is nothing covering point 8.3 of annex A regarding removable medias management ?
dear support iam IT MANAGER in oil and gas company what kind of assets scheme do i create to collect both manual and digital information from all my organization departments , need sample .
I'm new to Information Security, and I have read Document policy, but I have concerns about the Backup responsibility.
Is the DBA responsible to take and store the Backup? or should be another responsible for it?
Preciso de uma ajuda/dica, de qual a melhor maneira de conseguir formalizar uma matriz de segregação de função, numa empresa pequena.
Hi Advisera Team,
I have bought the ISO 27001& ISO 22301 toolkit and it's really amazing. I have some questions regarding the annual cost of the certification (22301).
1 - The certification body has set 2 days for surveillance audit. what is cost for the second and third year and what is the cost of recertification (Roughly)?
2 - What happens if for some reason the organization didn't pay for the annual subscription for two years for example and then wanted to re-certify after that.
3 - Is there any hidden cost in the process of yearly audit and recertification audit?
Hello, dear Advisera support,
I read description of these two controls: 11.2.8 Unattended user equipment and 11.2.9 Clear desk and clear screen policy. What is the difference? Are they not the same? As I see, the Implementation method for us for these two controls is the same: Clear desk and clear screen policy.