Tag: "Product: ISO 27001 Documentation Toolkit" - Expert Advice Community




  • ISO 27001:2022 mandatory documents and records

    I have bought your toolkit in the past and am preparing an ISO27001 2022 implementation and certification.

     I want to get a clear picture of which documents and records are mandatory.
    1 - I have read your webpage article on: https://advisera.com/27001academy/knowledgebase/list-of-mandatory-documents-required-by-iso-27001-revision
    and the content of “List_of_documents_ISO_27001_2022_Documentation_Toolkit_EN.pdf”.  If I understand it correctly they both relate to ISO 27001 2022. Correct?

    2 - Can you explain to me why i.e. information classification policy, confidentiality statement, training and awareness are mentioned as mandatory in the PDF file and are NOT listed as mandatory on the webpage?

  • Questions about toolkit templates

    1. In document 04-Information Security Policy, the item "4.4 Business Continuity" of the document index does not appear in the body of the document, please indicate if we remove this point from the index or you send the text of the missing part?

    2. For the appointment of the security officer and security committee, do you have a standard document that allows us to carry out the board of directors minutes for the appointment, and the appointment of the role or position to the corresponding person or if this is going to be an external entity that provides the consulting service?

  • Toolkit documentation

    Which document in the toolkit is relevant to clause A.7.5 (Protecting against physical and environmental threats)? And to A.7.8 (Equipment siting and protection)?

  • Key Risk Management Plan template

    In our ISO 27001 package is there a document template for a Security Risk Management Plan? Or is this covered in 05_Risk_Assessment_and_Risk_Treatment? I couldn't see the document for a plan, only assessment and methodology.

  • ISO 27001:2022 Documentation Toolkit

    The Advisera document toolkit for ISO 27001, ISO 9001 & ISO 14001 has been a great help to our organization. We have a partnership with Advisera.

    The much-awaited ISO 27001:2022 is finally here. Just want to ask the following questions:

    1. Whether the ISO 27001:2013 version documentation toolkit can be used in the transition to the ISO 27001:2022 version. If yes, how can it be done, and if no, please provide the reason also?

    2. When will the Advisera ISO 27001:2022 documentation toolkit be available? Any timelines for that?

    3. Can you please provide the quotes for the Advisera ISO 27001:2022 Documentation toolkit?

  • Training and awareness plan

    I need help from your expert to know how to deal with the following chart and what is really expected in terms of competencies and knowledge, as well as the related training.

    Can you please provide me with some support?

  • ISO 27001 toolkit

    Wondering if an updated toolkit will be supplied to registered users (as I) for the upcoming 2022 standard version. Also wondering if any ISO27017 and ISO27018 expansion packs are available, or at least a document matrix alignment with ISO27001.
  • Framework question

    One question to your framework. I have got a long agenda for the certification meeting. This is just a part of it:

    Top management
      - Organizational context and needs and expectations of interested parties (4.1, 4.2)
      - Strategic direction, policies (5.2) & objectives (6.2)
      - Involvement and commitment from top management with respect to the management system (5.1)
      - Roles, responsibilities, and authorities (5.3)
      - Provision of resources (7.1)
      - Human resource security (A7)
      - Communications (internal/external) (7.4)
      - Continual improvement (10.2)
      - Performance evaluation (9.1)
      - Management review (9.3)

    I have documented all the Annex A, but where are all the requirements like 4.1, 4.2 documented in your framework?
  • Query on SOC 2 certification

    I have a query: how much of this documentation can be reused if the organization also wants to pursue SOC 2 certification?
  • ISO 27001 package question regarding risk assessment

    Thanks for the call last week! I proceeded with the risk assessment. Just a small question: The evaluation of probability of a risk already takes into account the measures that we already have implemented - is that correct? Because in the methodology it says: https://i.imgur.com/5hvpOc1.png So that means: If we already have implemented several security measures for certain risks, the probability will be low in the risk assessment. This would lead to a quite small amount of not acceptable risks (3 or higher) that would be transferred to Anhang 2 "Verzeichnis Risikoeinschätzung" (currently around 12 risks to be transferred in our case). Did I understand this correctly? Or do we need to evaluate the risk without taking into account the measures we already have? Thanks for your help!