Search results


  • Lead Auditor + Lead Implementer?


    Answer:
    Yes, from my point of view it can be good for you to also become a Lead Implementer, because it can give you more knowledge and experience about ISO 27001 (from another point of view, I mean, from the implementer side).

    Anyway, if you want to focus your career on auditing, the Lead Implementer will be of little relevance to you. I recommend you read this article about the differences between both courses “Lead Auditor Course vs. Lead Implementer Course - Which one to go for?” : https://advisera.com/27001academy/blog/2014/06/16/lead-auditor-course-vs-lead-implementer-course-which-one-to-go–for/

    And if you are really interested in the Lead Implementer course, this article can be interesting for you “How to become an ISO 27001 / ISO 22301 consultant” : https://advisera.com/27001academy/blog/2014/07/21/how-to-become-an-iso-27001-iso-22301-consultant/

    Finally, remember that we also have our online courses:

    “ISO 27001: 2013 Foundations Course” : https://advisera.com/training/iso-27001-foundations-course/

    “ISO 27001:2013 Internal Auditor Course” : https://advisera.com/training/iso-27001-internal-auditor-course/
  • ISO certification for individuals


    Answer:

    Depending on the job you will be performing, you can decide to go on different courses. If you plan to perform the job of a certification auditor, you will have to pass an accredited course; these courses include not only the information about requirements of the standard but also the techniques for certification audit, and they are the most expensive.

    If you are planning to work as an internal auditor or part of the quality department in a company and not to perform certification audits, you may go for some less demanding courses (in terms of money) and still get sufficient level of knowledge regarding the standard.

    We provide two types of free ISO 9001, ISO 14001 and ISO 27001 online courses:
    - Foundations course that will give you an insight on the requirements of the standard and the best practices for implementation and maintenance of the management system, and
    - Internal Audit course that includes the Foundations course plus one additional day for explaining techniques for planning, conducting and reporting on internal audits.

    More information about our online courses can be found at this link: https://advisera.com/training/

    The courses are completely free, however, certain fee should be paid to pass the certification exam.
  • What processes does ISO 9001 cover?

    No, according to ISO 9001:2015 it is not mandatory to include in the quality management system any disciplinary or staff sickness procedures/policies

  • What is ISO 9001:2015


    Answer:

    ISO 9001 is the international standard for Quality Management Systems (QMS), published by ISO (the International Organization for Standardization). The Quality Management System, which is often referred to as a QMS, is a collection of policies, processes, documented procedures and records. This collection of documentation defines the set of internal rules that will govern how your company creates and delivers your product or service to your customers.

    For more information, see:
    - What is ISO 9001? https://advisera.com/9001academy/what-is-iso-9001/
  • Life-cycle and environmental aspects evaluation


    Answer:

    Yes, the life-cycle of the products should be evaluated in perspective of environmental aspects, meaning that you need to identify and evaluate all environmental aspects that emerge in each phase of your product life-cycle and to define operational controls for each significant environmental aspect.

    For example, if you produce some chemicals, during the production there can be various environmental aspects, so you need to prescribe how the impact of those aspects will be decreased. Then, in the phase of storage and transport, the chemicals may be spilled, so it is an environmental aspect that you control by defining the way of packaging, storing and transporting the chemicals.

    But there are some phases of life-cycle that you may not control, such as the storage conditions at your clients, etc. In such situations you can't prescribe operational controls but you can provide the instructions to your clients.

    The point is, during the evaluation of environmental aspects in life-cycle of your products you need to determine not only the significant environmental aspects, but also the extent of the controls that you can establish.

    For more information, see:
    - 4 steps in identification and evaluation of environmental aspects https://advisera.com/14001academy/knowledgebase/4-steps-in-identification-and-evaluation-of-environmental-aspects/
  • Password management


    Answer:
    In accordance with the control 9.4.3 Password management system of ISO 27002:2013 (or A.9.4.3 in the Annex A of ISO 27001:2013), you should enforce regular password changes and as needed (but the frequency is not established in the standard). So, you can establish the frequency that you want. However, you should define the frequency based on the results of the risk assessment related to your IT system - if the risks are very high, you might set the frequency to 1 month, if they are high then the frequency might be 3 or 6 months, if the risks are low then every 1 or 2 years.

    By the way, we have a template that you can use as a Password Policy; you can see a free version of this document by clicking on the “Free demo” tab here “Password Policy” : https://advisera.com/27001academy/documentation/Password-Policy/

    And our online course can also be interesting for you “ISO 27001:2013 Foundations Course” : https://advisera.com/training/iso-27001-foundations-course/
  • Power management


    Answer:
    Yes, Facility Management (as part of IT Operations function) includes also power back-up. Please read the article "IT Operations Management Function in ITIL" https://advisera.com/20000academy/knowledgebase/operations-management-function-itil/ to learn more about IT Operations function according to ITIL.
  • L1 and L2 support in financial industry

    when reopen?
  • ISO 27000:2016


    Answer:
    Yes, you are right, ISO has published recently the ISO 27000:2016, but the structure of the standard is very similar to the previous ISO 27000:2014 (by the way, the clause 2 Terms and definitions includes the same terms in both standards). The main change that I have seen is that in the clause 0.2 ISMS family of standards, the new ISO 27000:2016 references to new standards like ISO 27009, ISO 27017 or ISO 27018.

    Anyway, from my point of view, the formal recommendation is that you always need to have the latest version of all standards, but in this case if you do not work with these new standards (ISO 27009, ISO 27017, ISO 27018), maybe the last revision of ISO 27000 will not be relevant for you.

    Finally, do you know that we have an online course? Please try it! “ISO 27001:2013 Foundations Course” : https://advisera.com/training/iso-27001-foundations-course/