... efinitions
4 Structure of this standard
From section 5 onwards, the section title is the same as that of the respective ISO 27001 Annex A section. For example, both ISO 27001 Annex A.5 and ISO 27002 section 5 are titled “Information security policies”.
This article will provide you with a further explanation about ISO 27001 and ISO 27002:
- ISO 27001 vs. ISO 27002 https://advisera.com/27001academy/knowledgebase/iso-27001-vs-iso-27002/
... recovery vs Business continuity https://advisera.com/27001academy/blog/2010/11/04/disaster-recovery-vs-business-continuity/
2 - Additionally, how is it proven that there are information security controls in the continuity plan?
Answer: The easiest way is to include references to the controls described in ISO 27001 Annex A in the Disaster Recovery Plan document. For example, in the abovementioned template, you can add a section listing the controls covered by the actions defined in the plan.
For example, if your plan includes activities for the recovery of access control, then you can include the reference “Controls from ISO 27001 Annex A.9”.
... or Course vs. Lead Implementer Course – Which one to go for? https://advisera.com/27001academy/blog/2014/06/16/lead-auditor-course-vs-lead-implementer-course-which-one-to-go-for/
For courses related to these certifications, please see:
After certification, you should acquire experience in the field; the most common ways are to work inside your current company implementing information security, or to work for an established consultant.
For more information about how to become a consultant, please read:
... . 7018 clauses and controls.
Documents compliant with ISO 27018 can be found in the ISO 27001 & ISO 27017 & ISO 27018 Cloud Documentation Toolkit (https://advisera.com/27001academy/product-tour/#iso27001-iso27017-iso27018).
For further information, see:
- ISO 27001 vs. ISO 27018 – Standard for protecting privacy in the cloud https://advisera.com/27001academy/blog/2015/11/16/iso-27001-vs-iso-27018-standard-for-protecting-privacy-in-the-cloud/
... onsultant vs. DIY approach https://info.advisera.com/27001academy/free-download/implementing-iso-27001-with-a-consultant-vs-diy-approach
When considering a DIY approach, using a specialized platform can help you a lot, and for that I suggest you take a look at our Conformio platform at this link: https://advisera.com/conformio/
If you decide to use a consultant, this article will help you: 5 criteria for choosing an ISO 22301 / ISO 27001 consultant https://advisera.com/27001academy/blog/2013/03/25/5-criteria-for-choosing-a-iso-22301-iso-27001-consultant/
... e them, they will have different times of need (e.g., the office is necessary immediately after the incident, and employees will be necessary 2 hours after the incident).
This planning is useful when you do not have a hot site strategy implemented and the alternative infrastructure will be built after the incident.
For further information, see:
... process of an organization (section 9.6 Maintaining certification).
You can have an overview of this standard here: https://www.iso.org/obp/ui/#iso:std:iso-iec:27006:ed-3:v1:en
This article will provide you with a further explanation about accreditation and certification:
... ation body: