Hi All, I work as Infosec analyst at a reputed IT MNC. Recently, a security implementation audit request has come for an application for an integrated project...
Hi Sthito, A quick way would be to address the various phases of the SDLC cycle. I know this is very generic statement. I would suggest you to look at the...
Hi, My company is planning to implement a web based ERP called Netsuite....has anybody done a RA for such an application...any help would be greatly...
I don't think RA can be done to an application in isolation. It depends on the use, business, inputs and so on.... What is it that you are looking at?? Rgds ...
Hi Thanks for the response........it's a web based CRM application.......including the invoicing and collection capability....... Reg Abhilash --- On Tue,...
Dear rijbob@yahoo. com, The mandatory procedures for ISO 27001 are:- 1. Document Control 2. Record Control 3. Risk Assessment 4. Operations Management 5....
Hey! Your list is incomplete!! How about the following controls, which are part of ISMS? A7.2.2 A10.1.1 A10.4.1 A10.7.1 A10.7.2 A10.8 A10.8.1 A10.8.5 ...
Hi Mr Achar You are confused about the question. The question here is Mandatory Procedures, thus the mandatory procedures are mentioned. The Controls are not...
Really? Which clause/section Vikas? Legal Disclaimer ========================================= No animal was harm in writing this email. ... From: Vikas...
Dear Eric, "Human being tends to do mistakes" In fact Vikas has answered one of my query correct in this forum, & I can vouch that this must have surely...
Hi all, Correct; by obligatory procedures I meant mandatory procedures...thanks for the clarification. However, I am a bit confused since noticed there are...
Dear Rohan, I believe that the documents (SOA, RTP, etc.) you mentioned are all mandatory requirements. However, the original inquiry from rijbob@......
Hi Rohan Yeah I am a LA for ISMS and QMS. And as a human being I made a mistake. I have gone through the standard may be 1000 times till date but never even...
Dear rijbob@..., First of all identify all the procedures and documents required by ISO 27001, and then see what templates and forms will be designed...
The easiest way to develop the Project Plan would be to list down the activities from the implementation point-of-view; to be precise - 1) Project Initiation...
Dear Vikas, It's absolutely alright. Your one mistake would not take away the credit for answering so many questions correctly on this forum. Vikas:-...
Hi, Clauses 4 to 8 are compulsory. Controls A5 to A15 are compulsory as well unless they can be justified to be unapplicable. So what is compulsory is: ...
Dear Rohan, I agree with you on the mandatory procedures to be established as part of ISO 27001:2005 is 5 only. Coming back to your question of Management...
Hi, What is MRM? Thank. ER Legal Disclaimer ========================================= No animal was harm in writing this email. ... From: Dhananjaya Naronikar...
Hi Frens, To guys who don't have much exposure towards ISMS, this will help you, it's much elaborate about the ISO 27001 implementation plan. Phase I 1....
Hi, MRM would be the Management Review Meetings. From an ISO27001 perspective it may even be called as Information Security Forum (ISF) Meetings or Information...
Hi, Few thoughts from my side - Just to add to the comments below, while the Information Security Steering Committee meetings are usually held once a...
Hi, Currently I am working in India's biggest pharma company as compliance manager for the last 1.5 years. Here I am looking after ISMS and internal audit...