Start a new topic and get direct answers from the Expert Advice Community.
CREATE NEW TOPIC +Search results
11269 results
Guest
Guest
Create New Topic As guest or Sign in
Assign topic to the user
-
ISO standards related to cabling
Answer:
I suppose that you mean “data center”, and yes, the best ISO standard for cabling is ISO/IEC 24764, you can download it from the official site of iso.org: https://www.iso.org/standard/43520.html
Another international standard related to cabling is TIA-942, although it is not a ISO standard.
Regarding overhead or underground, both methods have advantages and disadvantages, and a study is necessary to know what is the best in each case (for example, keep in mind that if the refrigeration system is underground, can be better to cabling overhead).
Anyway, remember that ISO 27001 can also help you, because there are controls related to management of physical and environmental security (for example control A.11.2.3 is about cabling security), and there are many companies that have decided to certify with ISO 27001 their data centers. This article can be interesting for you “ISO 270 01 Case study for data centers: An interview Goran Djoreski” : https://advisera.com/27001academy/blog/2013/10/29/iso-27001-case-study-for-data-centers-an-interview-with-goran-djoreski/
By the way, this article can be also interesting for you “Physical security in ISO 27001: How to protect the secure areas” : https://advisera.com/27001academy/blog/2015/03/23/physical-security-in-iso-27001-how-to-protect-the-secure-areas/
And finally, if you are interested in ISO 27001, maybe can be also interesting for you our online course “ISO 27001:2013 Foundations Course” : https://advisera.com/training/iso-27001-foundations-course/ -
How to set measurable security objectives?
Yes
-
ITIL certification
Answer:
ITIL certification exists only for individuals but not for organizations/companies. So, from the company point of view – only ISO 20000 certification can be granted.
These article will help you:
ITIL/ISO 20000 Certification / Training https://advisera.com/20000academy/knowledgebase-category/itil-iso-20000-certification-training/ -
ISO 20000 Foundation
Answer:
Yes, it's worth to go for ISO 20000 Foundation certification. It will give you thorough overview of the standard requirements, as well as what do you need to implement to achieve ISO 20000 certification for your organization.
These article will help you:
"Process to obtain ISO/IEC 20000 certification: Companies and individuals" https://advisera.com/20000academy/knowledgebase/iso-20000-certification-the-process-of-obtaining-a-certifica/ -
Major Incident disadvantages
Answer:
You noticed correct - high pressure (including a lot of buzz and mess inside the incident management team are example of disadvantages. The other, what I can think of, are:
- misuse - when there is no right definition of what major incident is - there is a danger in misusing incident categorization as major incident in order to get more attention, resources and quicker resolution
- costs - resolving major incidents will require recruiting of best people you can find. Sometimes external ones. And such resources are expensive. More incidents categorized as "major" - more money spent.
- time factor - major incident gets (usually)highest priority, so all other activities are paused until major incident is resolved.
But, please don't take disadvantages as stopper for major incident process implementation. Such process has to exist, just be aware that there are side-effects.
These article will help you learn more about Major Incident Management: "Major Incident Management – when the going gets tough…" https://advisera.com/20000academy/knowledgebase/major-incident-management-going-gets-tough/ -
Implementing ISO 9001:2015 in ceramics company
Answer:
The process of implementation is the same for every company regardless of the type of business and processes.
First, you need to have the top management on board for this project, because without their support it would be impossible to implement the standard. Next step is to perform a GAP analysis in order to determine to which level your company is already compliant with the standard and what needs to be done to achieve the full compliance.
Then, it is the best to set up the implementation as a project, to clearly define all the tasks and responsibilities for the tasks as well as the deadlines. Once you create all necessary documents and implement the changes in your processes, you can conduct the internal audit and management review and then your company will be ready for certification audit.
As far as E2 shop system is concerned, this information just need to be included in your documentation and particularly in your sales proced ure.
For more information about implementation process download this free ISO 9001 Implementation Diagram https://advisera.com/9001academy/free-downloads// -
Mandatory documents for ISO 9001:2015
By the way do you have a list of all procedures/documentation that are required by ISO, minimum as well as suggested.
Answer:
Yes, we do have a list of mandatory documents and records as well as the suggested ones. You can find them in the article:
- List of mandatory documents required by ISO 9001:2015 advisera.com/9001academy/blog/2015/10/20/list-of-mandatory-documents-r equired-by-iso-90012015/
And, there is also a whitepaper with additional information about documents and records in new version of the standard: Checklist of Mandatory Documentation Required by ISO 9001:2015 https://advisera.com/9001academy/free-downloads// -
Change Initiator vs Change Implementer
Answer:
Change initiator is someone who starts i.e. initiates Change Management process. That could be your customer, Service Level Manager, you Continual Service Improvement manager (or some similar role), Problem Management process...etc. That depends how did you set your Change management process.
Change Implementer is the one who implements change. Usually, Release and Deployment Management process is responsible to implement changes. Of course, standard changes (i.e. pre-approved changes) are not meant by that. They will be implemented by your administrators, IT Operations team or someone similar (again, depending on the organizational setup).
These articles will help you:
"Elements of Change Management in ITIL" https://advisera.com/20000academy/blog/
"ITIL/ISO 20000 Request for Change – Your steering wheel throughout the change lifecycle" https://advisera.com/20000academy/blog/2015/09/01/itiliso-20000-request-for-change-your-steering-wheel-throughout-the-change-lifecycle/ -
The process of implementation in a simple way
Answer:
Maybe the easiest way to understand the process of implementation is to see it as a checklist of 16 steps, so this article can be very useful for you “ISO 27001 implementation checklist” : https://advisera.com/27001academy/knowledgebase/iso-27001-implementation-checklist/
We hope you in the next webinar where we will also speak about this process of implementation, and remember that we also have an online course that can be interesting for you “ISO 27001:2013 Foundations Course” : https://advisera.com/training/iso-27001-foundations-course/ -
ISO 27001 and COBIT 5
Answer:
Basically ISO 27001 is focused specifically to information security, while COBIT is focused on IT governance (one part of IT governance is also information security).
By the way, a company can get certified against ISO 27001 but cannot certify against COBIT.
Finally, our online course can be very interesting for you “ISO 27001:2013 Foundations Course” : https://advisera.com/training/iso-27001-foundations-course/