Dear ISO-27001 Members, Salam/Namaste. As I have already introduced myself in this forum, by the way, this is Suneel Kumar Panjwani doing Consultancy of...
Suneel - You need to speak to the HR dept head to list the processes that exist in the organization. But, nevertheless, you may have a few processes like...
Hi.. This is Dinesh.. Can somebody help me in preparing the legal requirements w.r.t ISMS. What are the things to be considered while preparing the document?...
Dear Dinesh, You can consider Licence of Softwares, IT Act 2000; with this you can consider Labour laws, ...
Hi Dinesh, The first thing on legal requirement is to consider the retention of logs. What logs to be retained and how long an organization is expected to...
Legal requirement in ISO 27001 requires you to identify applicable legislations such as IT ACT 200, Copyright Act, Patent Act, privacy laws etc... that impact...
Hi Dinesh, I would suggest you take a look at all the applicable laws for your organization, right from Labour laws, shops and establishment act, IT act etc. ...
Hi all, Thanks for your comments...!!! Can anyone suggest me what are the Indian Acts needed to be covered in the legal register??. (Does anyone sensibly &...
Hello, We are thinking on working on the process to get certified BS7799/ISO270001. My boss asked me to plan for this activity specially for what we need help...
... These figures for a substantial enterprise - small and medium sized businesses will be less. Good consultants will run on the order of $125K to do the...
KB: 1. Very hard to say without knowing how big your company is. I'd say you need a month in the beginning, and may be more. 2. Yes, you can have the initial...
... You can use my templates to estimate the number of days you need based on your self-gap-analysis. My template is a combination of 27000 & COBIT generic...
On Laws...here are some... Indian IT Act 2000, Provident Fund Act, Employee State Insurance, Worker's Compensation, Payment Of Gratuity Act, <State> Shops & ...
Hi.. Thanks for your input. I do agree we have to take care of IT Act 2000, Copyright Act 1952 etc. I'm not able to understand why we have to take care of acts like...
Hi Dinesh They are all part of information systems recycle/reuse/disposal processes. For ex. usage of electronic equipments such as PC monitors may mandate...
Dinesh, In simple terms the control mandates you to identify & follow all the relevant laws and regulation. Think.., in case if your organisation do not...
Dear Venu, What I understand in the standard was it taking care of the information, Information systems and associated services.... Nowhere it talks about the...
One important thing to remember is that environmental legislation, etc. often times requires the creation, retention, and protection of records. This can be...
Hi K.B. To give some advice on what you are looking at doing; 1. Often the best way to start is to have an assessment done, to let you truly know where to...
Suneel, Firstly I think that your understanding about critical process is not correct. All support departments like HR, admin, IT support are critical in a way,...
Dear all, I would like to know what you mean by IPR compliance. Does it mean all our licenses - third party as well as in-house developed should be in...
Software = software purchased? Not necessarily. Some softwares are freeware. Some softwares may be acquired by other means other than being purchased (e.g....
Hi Pakis, You need to cover points like - Laptops / mobile computing devices are protected against theft and damage while in storage / transit / in use and, in...
We are in the process of creating one so I can share with you what we have included: -Company data is to be stored and processed on company assets only. That ...
Dear All, Thanks for your share about mobile computing Regards Pakis