Search results

  • BIA and BCP

  • Lead Auditor


    Hi, I am looking to become licensed as an auditor in order to issue certificates. Is it possible for you to provide me with some documentation regarding the licensure?
     

    Answer:

    If you want to perform audits and issue certificates working with a certification body, you need to become a Lead Auditor, and to do this, first you need a Lead Auditor course. For more information about this, please read this article “How to become ISO 27001 Lead Auditor”: https://advisera.com/27001academy/knowledgebase/how-to-become-iso-27001-lead-auditor/
    Also this webinar can be interesting for you “ISO 27001 Lead Auditor Course preparation training” : https://advisera.com/training/iso-27001-lead-auditor-course/
  • Applicability of ISO 27001


    We have received very good information on the applicability of ISO 27001. Please help us to know where ISO 20000 and ISO 22301 certification is applicable.

     

    Answer:

    ISO 20000 is for companies that offer IT services and want to give warranties to their customers that the service is given with quality and security (it is based on ITIL, and also has processes related to quality and to information security). An example: companies that offer a Data Center, or a software development/maintenance service, etc. For more information about ISO 20000, you can visit our site and see this page “What is ISO 20000? Learn why ISO 20000 can benefit your organization”: https://advisera.com/20000academy/what-is-iso-20000/
    ISO 22301 is for companies that offer a critical service to their customers and want to give warranties that the availability of the service is guaranteed. An example can be any critical service: communications, electrical, financial services, etc. And for more information about ISO 22301, you can also visit our site and see this page “ISO 22301 Basics”: https://advisera.com/27001academy/what-is-iso-22301/
  • ISO 27001 in the field of media production


    I was wondering if there is a possibility to consider ISO 27001 in the field of media production. I've been thinking about the matter since I'm involved in working with such an industry for the time being. I was trying to look for an approach to present the idea, with no success until now. I would appreciate your valuable assistance.
     

    Answer:

    Sure, ISO 27001 is interesting for media production companies because the main objective of the standard is the protection of information, and I am sure that you have sensitive data in your business. Furthermore, ISO 27001 is for any type of business, so you can implement and certify it in your company. I think that the important thing in your situation is to obtain management support, so I think that this webinar can be interesting for you “ISO 27001 benefits: How to obtain management support”: https://advisera.com/27001academy/webinar/iso-27001-benefits-how-to-get-management-buy-in-free-webinar-on-demand/
    Also this article can be interesting “Four key benefits of ISO 27001 implementation”: https://advisera.com/27001academy/knowledgebase/four-key-benefits-of-iso-27001-implementation/
    And finally this article can be also interesting for you “Applicability of ISO 27001 across industries” : https://advisera.com/27001academy/blog/2015/06/29/applicability-of-iso-27001-across-industries/
  • MBCO, RTO, MPTD/MAO

    Sorry, but we do not have a specific diagram about this, although we have an interesting article where we talk about MBCO, RTO and MAO with a brief example “How to implement business impact analysis (BIA) according to ISO 22301”: https://advisera.com/27001academy/knowledgebase/how-to-implement-business-impact-analysis-bia-according-to-iso-22301/
    I hope that this information can help you; if not, please let us know of any doubts.
  • IRCA, RABQSA, PECB


    1.- I wonder if you can help answer my query. I want to know if there are any disadvantages in doing ISO 27001 with one board rather than another? I am looking at a course which is run over 2 consecutive weekends and certified by PECB. All other courses I have looked at are certified by IRCA.
    2.- Do you have any suggestions or opinions on this? Also, are the exams the same format/difficulty for both boards?
     

    Answer:

    Point 1: There are many companies and all are good. Our recommendation is that you search for a course accredited by IRCA or RABQSA (although PECB is also a good entity), because this means that, once you pass the exam, this certificate will be accepted by any certification body if you want to work as lead auditor with them. Maybe this article can be interesting for you “How to become ISO 27001 Lead Auditor”: https://advisera.com/27001academy/knowledgebase/how-to-become-iso-27001-lead-auditor/
    Point 2: Regarding the exam, I think that the important thing is to know in detail the basic points of the standard (risk assessment & treatment and security controls), and depending on the entity there will be more or fewer questions about one or the other, but if you have good knowledge about them, surely you will not have problems. So, if you want to prepare for the exam, this webinar can be interesting for you “ISO 27001 Lead Auditor Course preparation training”: https://advisera.com/training/iso-27001-lead-auditor-course/
  • Development policies


    I was reviewing your site and it seems to be just what I need. I have an ISO 27001:2013 audit next month and I need to have the following policies from Annex 14.2 ready, and they would be these:
    A14.2.1 Development Policy
    A14.2.5 System development procedures
    A14.2.6 Secure Development Environment
    A14.2.8 System Security Testing
    I need to know whether what you sell contains the full description of the above policies, so that I only have to make the adjustments that my company authorizes. If so, I need you to tell me how much it costs and how I pay for it.


    Answer:

    Regarding the documents you have listed, only the one that applies to control "A.14.2.5 System development procedures" is mandatory; in any case, with our template "Secure Development Policy": https://advisera.com/27001academy/es/documentation/politica-de-desarrollo-seguro/ you can implement all the controls you need and more: A.14.1.2, A.14.1.3, A.14.2.2, A.14.2.7, A.14.3.1, etc.

    You can see a free version of the document by clicking on "Free Demo", and if you are interested in purchasing it, you can see the price on the page above.

    Finally, remember that you can ask us about any doubts you may have.
  • iso 27001 lead auditor

    Sure, you are welcome. And sorry, but we do not have other specific examples related to your question, but if you need more information about nonconformities, I think that this article can be interesting for you "Major vs. Minor nonconformities in the certification audit":

    https://advisera.com/27001academy/blog/2014/06/02/major-vs-minor-nonconformities-in-the-certification-audit/
    And in this webinar we also talk about the definition of nonconformities, how you write a corrective action request and more issues related to an audit. I hope that this webinar helps you "Internal audit: How to conduct it according to ISO 27001 and ISO 22301/BS 25999-2": https://advisera.com/27001academy/webinars/
  • ISO 31000


    I just want to know whether your new RISK assessment toolkit is based on ISO 31000.
     

    Answer:

    Our methodology is based on ISO 27005, which has the same structure as ISO 31000 (they are fully compatible), but while ISO 31000 is focused on any type of risk (environmental, financial, information security, etc.), ISO 27005 is focused specifically on information security. So, if you want to work only with information security, the best, or our recommendation, is a methodology based on ISO 27005. If you want, you can see a free version of our template by clicking on the “Free Demo” tab here “Risk Assessment and Risk Treatment Methodology”: https://advisera.com/27001academy/documentation/Risk-Assessment-and-Risk-Treatment-Methodology/
    Finally, if you need more information about ISO 27001, ISO 27005 and ISO 31000, you can read this article “ISO 31000 and ISO 27001 – How are they related?” : https://advisera.com/27001academy/blog/2014/03/31/iso-31000-and-iso-27001-how-are-they-related/
  • Questions about ISO 27001


    I need some ISMS questions to prepare for an interview.
    The interviewer will probably focus on the following:
    1.- Which safeguards (controls) are listed in ISO 27001
    2.- What is the role of risk management in ISO 27001
    3.- Which are general steps in the implementation of this standard
    4.- How to setup an ISO 27001 project
     

    Answer:

    Point 1: There are 114 controls, here you can see an overview of them “Overview of ISO 27001:2013 Annex A” : https://advisera.com/27001academy/iso-27001-controls/ And also you can see all controls in detail in our template “Statement of Applicability” here (you can see a free version clicking on “Free Demo” tab) : https://advisera.com/27001academy/documentation/statement-of-applicability/
    Point 2: The role of risk management in ISO 27001 is very simple (and it is the core of the standard): identify risks and reduce them by applying security controls, which are listed in Annex A of ISO 27001. And risk management is composed of an assessment and a treatment. For more information about this, please read this article “ISO 27001 risk assessment & treatment – 6 basic steps”: https://advisera.com/27001academy/knowledgebase/iso-27001-risk-assessment-treatment-6-basic-steps/
    Point 3: Here you can find a brief guide to implement the standard in your organization “ISO 27001 implementation checklist” : https://advisera.com/27001academy/knowledgebase/iso-27001-implementation-checklist/ And also this free webinar can be interesting for you “ISO 27001: An overview of ISMS implementation process” : https://advisera.com/27001academy/webinar/iso-27001-overview-isms-implementation-process-free-webinar-demand/
    Point 4: It is very important, I mean, you need to define a project plan to implement ISO 27001 in your organization, so this article will be interesting for you “ISO 27001 project – How to make it work”: https://advisera.com/27001academy/blog/2013/04/22/iso-27001-project-how-to-make-it-work/