Could you please provide all sample examples of internal and external issues?
Answer:
Examples about internal issues: you need to make sure that your information security objectives are aligned with the business strategy, perform the risk assessment, determine resources, information security roles and responsibilities, capabilities, etc.
Examples about external issues: you simply need to identify interested parties and their requirements (interested parties can be employees, clients, suppliers and partners, etc)
For more information about internal and external issues, please read these articles:
Explanation of ISO 27001:2013 clause 4.1 (Understanding the organization) : https://advisera.com/27001academy/knowledgebase/how-to-define-context-of-the-organization-according-to-iso-27001/
How to identify interested parties according to ISO 27001 and ISO 22301 : https://advisera.com/27001academy/knowledgebase/how-to-identify-interested-parties-according-to-iso-27001-and-iso-22301//
Comment as guest or Sign in
Jan 12, 2016