What type of GRC (governance, risk, compliance) do you recommend to implement an ISMS (ISO 27001/27002)? BTW, I'm about to test eArcher GRC; I don't know if it supports all ISO 27001 requirements...
Answer:
For the implementation of ISO 27001 you need to develop a methodology for risk assessment & treatment, and to do this, you can use ISO 27005, which is a code of best practices for the development of a methodology for risk management. Anyway, we have all the necessary templates for the implementation of ISO 27001 (including all those related to risk management), so you can use them. You can see a free version of all documents if you click on the Free Demo tab. Here is our methodology: https://advisera.com/27001academy/documentation/Risk-Assessment-and-Risk-Treatment-Methodology/ and here you can find all our templates for the implementation of ISO 27001: https://advisera.com/27001academy/iso-27001-documentation-toolkit/
And we do not have information about eArcher GRC, but again, you can try our templates and use them for the implementation of the risk management in your business.
Jan 12, 2016