Hi, My company is planning to implement a web based ERP called Netsuite....has anybody done a RA for such an application...any help would be greatly...
Hi All, I work as Infosec analyst at a reputed IT MNC. Recently, a security implementation audit request has come for an application for an integrated project...
I have done the LA course in october 2006. I was working as a consultant - iso 27001. Now i want to work as a freelancer auditor / lead auditor. can someone...
Hi all, Can anyone help me out in making a list of do's and don'ts for giving it to my office security personnel instead of training them everytime when the...
The latest issue has just landed. See below. Laura ______________________________________________________ THE ISO 27001 and ISO 27002 NEWSLETTER - EDITION 17 ...
Hello All, I am working in Big Consulting organization with strength of around 18K employees,i am working as an INFOSEC Consultant. i am drafting Policy on...
The latest edition just arrived: THE ISO 27001 and ISO 27002 NEWSLETTER - EDITION 16 ______________________________________________________ Welcome to Issue 16...
Hi, I am asked to do a Risk Assessment / Business impact Analysis before we begin with getting the Data classified for implementation of ISMS. Not really sure...
I was just working through the ISO 27001 document again and, thanks to a customer question, I have one. Has anyone else noticed that in section 4.2.1 item g it...
Hello, Has anyone reviewed/ audited/ carried out a Risk Assessment or Business Impact Analysis for a Central Bank environment? If so, please share any...
Hi, I have a doubt. Assuming that we have a device (say an Oscilloscope) which is used for initial testing of a product. This device does not contain any...
Hi, Yet another doubt. How do we identify a scope of implementation ? I am not able to word it out. Can i get some samples ? Thanks Regards Jagdish ... Once...
The newsletter just arrived. See below. Laura ______________________________________________________ THE ISO 27001 and ISO 17799 NEWSLETTER - EDITION 15 ...
Hi All - is there any available info for ISO 27004 (metrics) or at least when something is expected to be published? Thanks! Jay Security Analyst - Atlanta,...
Dear all, I would like to know what you mean by IPR compliance. Does it mean all our licenses - third party as well as in-house developed should be in...
Hi, This is a thought which has been plaguing me for quite some time. If an organization wants to implement an ISMS using ISO 27001, this is what you would do....
Hello, We are thinking on working on the process to get certified BS7799/ISO270001. My boss ask me to plan for this activity specialy for what we need help...
 Hi.. This is Dinesh.. Can somebody help me in preparing the legal requirements w.r.t ISMS. What are the thing to be considered while preparing the document?...
Dear Members, I am confused bit about BCP and DRP... can anyone help me that wats the big difference between these two Terms.. Waiting for your quick...
For anyone who hasn't seen it: THE ISO 27001 and ISO 17799 NEWSLETTER - EDITION 14 Welcome to the Issue 14 of the ISO27001/ISO17799 newsletter, designed to...
Hi Gang, I am an IT project manager tasked with aligning our entrprise security with the ISO 27001:2005 and ISO 17799:2005 standards. We are not after ...
Dear friends, I am back with my other query. Please guide me on drafting Telephone/ Fax Policy for my organization. Points to be considered are Making...
Dear Rohan, Statement of applicability is the last stage of implementation. If compliance is new to your organization, i would suggest to start from defining...
Dear All, I am Rohan Kadam, an engineer by profession. Currently I am working with Financial BPO. I've comprehensive 5 years experience in Quality Management...
Hi All, Are there any guidelines for auditing financial applications built inhouse? For one, I see that there is one person, acting as a system analyst, system...
Dear All, I have been a quiet member of this group, and constantly reading all the messages. The kind of information flowing is very good! I need a small help...
