Suneel, Firstly I think that your understanding about critical process is not correct. All support departments like HR, admin, IT support are critical in a way,...
Dear all, I would like to know what you mean by IPR compliance. Does it mean all our licenses - third party as well as in-house developed should be in...
Software = software purchased? Not necessarily. Some software is freeware. Some software may be acquired by means other than being purchased (e.g....
Hi Pakis, You need to cover points like - Laptops / mobile computing devices are protected against theft and damage while in storage / transit / in use and, in...
We are in the process of creating one so I can share with you what we have included: -Company data is to be stored and processed on company assets only. That ...
Dear All, Thanks for your share about mobile computing. Regards, Pakis ...
Hi, Well Mobile computing talks about employees give access to the company's information assets remotely. I feel you should find out whether employees can...
Hi All - is there any available info for ISO 27004 (metrics) or at least when something is expected to be published? Thanks! Jay Security Analyst - Atlanta,...
Jay, Not sure when the ISO27004 is getting released but you can refer to BSI book BIP 0074:2006 'Measuring the effectiveness of your ISMS implementations based...
Hi Jason, ISO 27004 is being balloted to move to 2nd CD (Committee Draft), here in October. What this means is that it still needs to go through FCD (Final ...
Hi Scott, What is the normal process for a standard to become ISO, apart from those you have already explained? Also, what are the criteria and how this has to...
Hi. I am new to the group. Often I have tried to obtain employment in the field of IT security. I have a lot of practical technical experience in the field. ...
The newsletter just arrived. See below. Laura ______________________________________________________ THE ISO 27001 and ISO 17799 NEWSLETTER - EDITION 15 ...
I was just working through the ISO 27001 document again and, thanks to a customer question, I have one. Has anyone else noticed that in section 4.2.1 item g it...
Dear Fred, The item you are referring to is 4.2.3 (g) of the ISO 27001 document, if I am correct. If you look at the next item 4.2.4, it brings out the spirit...
Vijendera, All of which makes my point. There is nothing defined as a "Security Plan" - the term is generic, not specific. It is a poor choice of wording...
Hi, I have a doubt. Assuming that we have a device (say an Oscilloscope) which is used for initial testing of a product. This device does not contain any...
Hi, Yet another doubt. How do we identify a scope of implementation? I am not able to word it out. Can I get some samples? Thanks, Regards, Jagdish ... Once...
Hello Mr. Rao, During Asset Modelling we take all the HW, SW and Information Assets (Critical and Non-Critical) into account. So with this theory the Oscilloscope is...
Hello Jagdish, From what I understand, ISO 27001 requires us to identify assets that fall within the scope of the ISMS. (Refer to: ISO/IEC 27001:2005, in ...
Hi, To add to this, I feel you can consider Oscilloscope as an asset. If you have made an inventory of assets and classified them, you can consider this under...
Hi! I look at it this way: Assets to be considered in classification are 1. Information assets (which hold/stage information) 2. Information processing...
Hi, I had been reading the following discussion, I kind of agree with Manish. We are currently implementing ISMS. We are done with the risk assessment. Now are...
Hi Abhishek, I agree with you that RA & BIA are confusing. Excerpts from a book : "Risk Analysis involves identifying the most probable threats to an...
Dear Manish, Thank you very much for your thoughts on this. This helps a lot. As per the Excerpts from the book, my critical business function at the ...
Hi all, I agree with what has been discussed below. In the case of the oscilloscope, Confidentiality could be rated N.A. while Integrity and Availability could be kept HIGH....