ISO 27001 & 22301 - Expert Advice Community


  • ISO27001-cryptographic control

    1 - Would you be so kind to explain to me why I see differences between your explanation here: https://advisera.com/27001academy/how-to-use-the-cryptography-according-to-iso-27001/

    and my paper version of 27001 - there is Cryptographic control defined under A.10.1.

    I have ISO 27001:2013

    In your text there is mentioned A.8.24

    2 - My second question is: can you recommend any webpage where I can see an example of a cryptographic control? Thank you.

  • Migration from the 2013 to the 2022 documents

    I am currently working on a project with a client attempting to get them ISO 27001:2022 certified. The project started in mid 2020 and we took over the project late last year and are using the 2013 version of the templates; however, we are not sure whether we need to use the 2022 transition documents to update their project or whether we can stay on the 2013 iteration of the standard for their certification later on in the year.

    If you need any further context regarding the project, please let me know.

  • Is your ISO 22301 toolkit covering ISO 22361?

    Could you please confirm whether you have Implementation Document Toolkits for ISO 22361:2022 - Crisis management — Guidelines and ISO 22316:2017 - Security and resilience? Or is your ISO 22301 Toolkit covering these requirements?

  • Latest version of Statement of Applicability

    What is the latest version of Statement of Applicability? Have the controls changed since 2017?

  • How to keep being trained and skilled and best way to find work?

    I am currently reading it and so far you succeeded in making the topic of ISO27001 easy to understand and apparently simple to implement even though I have no experience on that.

    I have passed the ISO 9001:2015 Lead Auditor CIRCA Exam but am kind of new in the profession. I also passed the foundation course for ISO 27001:2022 with your company.

    I find myself isolated and not sure how to practice to keep what I learnt but most importantly find work because I am currently unemployed in the Philippines.

    What advice would you give me to keep being trained and skilled as well as on the best way to find work (Middle East, South-East Asia or Europe)?

  • Question about tools and scope

    1 - What tools are free, e.g. for evaluation, and do you also have a repository for the documents?

    2 - Can you tell me which tools are free and where I can see the list of document templates and which are mandatory for the certification?

    3 - What happens in case of a Scope Extension when I also want to incorporate SW Products?

  • Help for maintaining a risk register

    I'm helping an organisation with their ISO27001 work.

    I've seen the instructions on how to set up the risk register, which seems easy, but do you have any instructions on how to work with the risk register in the upcoming years and cycles after certification? (Our mutual customer has implemented and certified ISO27001 in your tool.)

    It looks like you need to go through the process all over again to reach the register and all risks seem to get the risk value zero after a plan.

    I'm looking to see the progress of making the risk smaller, filter and work with all risks in prioritization order, which the auditors demand.

    Can you guide me to any information, manual or video on how to work with the register after implementation? (Or are you supposed to extract it and work in Excel or the like?)

  • ISO 27001 version mention

    Just curious, in the ISO27001 history, the 2017 version was not mentioned, how come? Thank you for the answer. Because just this year, our company was certified in the 2017 version. I have googled it and I can't find an answer.

  • Business Continuity Procedure

    Question: ISO 27001 ver 2013 has a "Business Continuity Procedure" listed as a mandatory document (clause A.17.1.2). However, the Advisera Toolkit for ISO 27001 only contains 1 document in the "Business Continuity" folder (under General Policies) and it is a "Disaster Recovery Procedure", NOT a BC procedure? Since 'Business Continuity' and 'Disaster Recovery' are two separate contingency plans, is there another location in the Toolkit where the BC Procedure is located?

    Thank you for your outstanding support.

    Complementary question: This document is listed as a mandatory document in Advisera "List of Required Docs for ISO 27001 / 2013", but the only document included in the Toolkit under the "Business Continuity" folder is a "Disaster Recovery Procedure"?
