Hi Bala, Assets to be covered as part of Risk Management are Information assets - which store information and which process information. It would be best...
ISO 27001 doesn't mandate any particular methodology for RA. Organisation is free to select any one suitable to their environment. It's always better to select...
Dear Bala, My understanding of assets is: In ISMS terms, assets include Information assets (e.g. paper or electronic form) & Information processing assets...
Hi, As per clause 4.2.1 c of ISO 27001, The organization has to define a risk assessment approach. As far as I know the most common models on RA are 1. PD3002...
Dear Bala Raman, You are absolutely right. Since BS 7799 has gained the status of ISO 27001, I feel senses will dawn upon the managements the necessity of...
Hi Guys, Basically, I feel that the organizations have not understood the importance of INFORMATION SECURITY, in spite of the security breaches that is...
Besides having its origin in a different land than the US, as brought out below, the professional community in the USA seems to have been overtaken by current...
Information Security is a big issue. However there are roadblocks that I see why ISO 27001, or Information Security Management System, is not gaining the...
There may be no mandates yet in the mainland US but American companies who outsourced their processes here in the Philippines are demanding to have a...
It's always better to start with a small scope and expand later. But ensure that all relevant entities are included. In the previous standard (BS 7799), only...
Dear Sekar, Whenever you undertake implementation of any standard the scope has to be clearly defined at the outset. While it does find a mention in the...
Group, I realize that everyone loves to tout the ISO17799 but the biggest issue that I see for the US is that there are no regulatory mandates to comply....
Let's dissect the requirement: Define how to measure the effectiveness of the selected controls or groups of controls and specify how these measurements are to...
Hi all, See my previous entry, which included this question and an answer. I hope that we can indeed keep the ball rolling and I hope that interest in ISO27001...
These things take time. ISO 9000 started the same way, as did ITIL, as did.... Apart from which, this is a small forum in a corner, which few people are aware...
Hi, I have an area in which I need your guidance. This is in respect of SCOPE of ISMS. This company has done risk assessment and selection of controls looking...
I agree with Henk. Well, I guess all the members would be conversant with BS7799-2. I've kept a few documents in the files section which will give some idea on...
Hallo Chandra, The advantage is that at least the whole of the company is aware of the hazards and has, hopefully, implemented the appropriate measures. The...
Yes.. It's true.. Maybe all are very busy with implementation and audit... Let us put back the ball rolling.. == henk_keijzer <hwkeijzer@...> wrote: Ladies...
Hank: You may have answered your own question. Perhaps there is no real interest in ISO 27001 in the same way there appears to have been no real interest in ...
Ladies and gentlemen, I'm really surprised. I've been a member of this group now for several months and the number of messages is virtually nil. There are 125 ...
Hi Pendar, Thanks for your info. I think most of the companies are undergoing internal changes to accommodate the new standard/version. Pender, if possible can you...
Hi, Are you asking about BS7799 or ISO27001? As I heard there is no certificate based on the new version yet. And about the changes I can provide you some...
Dear Sameer, I don't have the data regarding ISO 27001 certificates. But I would surely ask the faculty during my LA course on ISO 27001 during 12-16 Dec in ...
Hi All Any idea about how many companies are so far certified with the new standard. Is there any change with respect to what auditors look for while auditing...
Just in from the wires (OK, from the ISO 17799 Newsletter really, but 'the wires' sounded better!): ISO 27001 has finally been published as an official ISO...
ISO has reserved the ISO/IEC 27000-series numbering for a range of information security management standards in similar fashion to the very successful ISO...
The latest ISO 17799 Newsletter has just been released. It explains the final draft version of ISO 27001 in some depth, and has a very nice reference to this...
Welcome to the Yahoo forum dedicated to ISO 17001. Please feel free to join and use this resource to share information and knowledge related to this important...