Start a new topic and get direct answers from the Expert Advice Community.
CREATE NEW TOPIC +Search results for "iso17025 vs gmp"
1219 results
Guest
Guest
Create New Topic As guest or Sign in
Assign topic to the user
-
Design, validation versus verification
... ification vs Design Validation - https://advisera.com/9001academy/knowledgebase/iso9001-design-verification-vs-design-validation/
- The ISO 9001 Design Process Explained https://advisera.com /9001academy/blog/2013/11/05/iso-9001-design-process-explained/
- free online training ISO 9001:2015 Foundations Course â https://advisera.com/training/iso-9001-foundations-course/ -
Certification and cloud providers
... ISO 27001 vs. ISO 27017 â Information security controls for cloud services https://advisera.com/27001academy/blog/2015/11/30/iso-27001-vs-iso-27017-information-security-controls-for-cloud-services/
These articles will provide you further explanation about handling suppliers:
- 6-step process for handling supplier security according to ISO 27001 https://advisera.com/27001academy/blog/2014/06/30/6-step-process-for-handling-supplier-security-according-to-iso-27001/
- Which security clauses to use for supplier agreements? https://advisera.com/27001academy/blog/2017/06/19/which-security-clauses-to-use-for-supplier-agreements/ -
ISO 27001 Lead Auditor or CISA?
... /> - CISA vs. ISO 27001 Lead Auditor certification https://advisera.com/27001academy/blog/2015/05/11/cisa-vs-iso-27001-lead-auditor-certification/
This material will also help you regarding ISO 27001 Lead Auditor:
- ISO 27001 Lead Auditor Course preparation train ing [free webinar on demand] https://advisera.com/training/iso-27001-lead-auditor-course/ -
Lack of statement of applicability
... > - Major vs. minor nonconformities in the certification audit https://advisera.com/27001academy/blog/2014/06/02/major-vs-minor-nonconformities-in-the-certification-audit/
These materials will also help you regarding internal audit:
- ISO Internal Audit: A Plain English Guide https://advisera.com/books/iso-internal-audit-plain-english-guide/
- ISO 27001:2013 INTERNAL AUDITOR COURSE https://advisera.com/training/iso-27001-internal-auditor-course/ -
Compliance of U.S. company dealing with B2B customers
... collection of the personal data.
If these information are lacking my first choice would be to consider that the US based company is acting as a processor and since they are dealing with a EU based controller there is high chance that GDPR would be applicable for the processing activities involving EU citizens personal data.
See also this article: EU GDPR controller vs. processor â What are the differences? https://advisera.com/eugdpracademy/knowledgebase/eu-gdpr-controller-vs-processor-what-are-the-differences/ -
ISO 27017, ISO 27018 and ISO 27001
Answer: ISO 27017 and ISO 27108 only provide recommendations and guidelines to the implementation of controls of ISO 27001 Annex A, so their application is not mandatory for an organization to be compliant with ISO 27001.
These articles will provide you further explanation about ISO 27017 and ISO 27018:
- ISO 27001 vs. ISO 27017 – Information security controls for cloud services https://advisera.com/27001academy/blog/2015/11/30/iso-27001-vs-iso-27017-information-security-controls-for-cloud-services/
- ISO 27001 vs. ISO 27018 – Standard for protecting privacy in the cloud https://advisera.com/27001academy/blog/2015/11/16/iso-27001-vs-iso-27018-standard-for-protecting-privacy-in-the-cloud/
Regarding if you can skip cloud elements until the implementation of ISO 27001, you can only do that if there is no cloud-related elements on your ISMS scope.
These articles will provide you fur ther explanation about scope definition:
- How to define the ISMS scope https://advisera.com/27001academy/knowledgebase/how-to-define-the-isms-scope/
- Problems with defining the scope in ISO 27001 https://advisera.com/27001academy/blog/2010/06/29/problems-with-defining-the-scope-in-iso-27001/
These materials will also help you regarding scope definition:
- Book Secure & Simple: A Small-Business Guide to Implementing ISO 27001 On Your Own https://advisera.com/books/secure-and-simple-a-small-business-guide-to-implementing-iso-27001-on-your-own/
- Free online training ISO 27001 Foundations Course https://advisera.com/training/iso-27001-foundations-course/ -
Risks and opportunities vs issues
What is the difference between Risk/opportunities of the SO 14001 v2015 and the internal/external issues of the context of the organization ? -
ISO 27017, ISO 27018 and certifications
... ISO 27001 vs. ISO 27002 https://advisera.com/27001academy/knowledgebase/iso-27001-vs-iso-27002/
- ISO 27001 vs. ISO 27017 â Information security controls for cloud services https://advisera.com/27001academy/blog/2015/11/30/iso-27001-vs-iso-27017-information-security-controls-for-cloud-services/
- ISO 27001 vs. ISO 27018 â Standard for protecting privacy in the cloud https://advisera.com/27001academy/blog/2015/11/16/iso-27001-vs-iso-27018-standard-for-protecting-privacy-in-the-cloud/ -
Asset owner and risk owner
... sk owners vs. asset owners in ISO 27001:2013 https://advisera.com/27001academy/knowledgebase/risk-owners-vs-asset-owners-in-iso-270012013/
These materials will also help you regarding asset owner and risk owner:
- Book Secure & Simple: A Small-Business Guide to Implementing ISO 27001 On Your Own https://advisera.com/books/secure-and-simple-a-small-business-guide-to-implementing-iso-27001-on-your-own/
- Free online training ISO 27001 Foundations Course https://advisera.com/training/iso-27001-foundations-course/