Tag: "ISMS" - Expert Advice Community

Guest

Guest

Create New Topic As guest or Sign in

HTML tags are not allowed

  • Multi location certification

    I have implemented ISO27001 at a country level. The Global company was only an interested part as a shareholder. But now that has changed and they are wanting to manage the network at a global level.

    I don't know how to treat them in as part of this certification. Could you help with some advise on how to treat them?

  • Can ISO 27001 and ISO 22301 be used together in a document?

    In the document when we were reading through it, it said we can use it for either/or like either ISMS or BCMS. So my question is is it possible to use it for both and put the word AND between ISMS and business continuity management system?

  • Questions about documents

    First question: I was wondering if Privacy Policy document is included with the ISO 27001/22301….or if it is only included with the EU GDPR. If only included with GDPR, can I use that privacy policy for all our ISMS/BCMS needs as well?

  • Independent review

    Can this requirement for 'Independent Review' be satisfied internally? That is, review of the ISMS policies and procedures by an in-house team that is not directly attached to the ISO 27001 effort?

    Can this requirement be satisfied through the ISO 27001 Certification process, citing the 2 minor audits between major certification as our Independent Review?

    Otherwise, what is the best course of action to meet this requirement, and could we gain and keep certification without using this control?