Hi, Is there any tool which would classify documents? I have defined the classification but since there are loads of documents, it is not possible to open each...
Hi Friends, We are implementing ISMS in our BPO Company. I would appreciate any thoughts or ideas on cost effective BCP/DR Solutions for a Mid Size Business ...
Use other locations as your DR sites. In case you have only one location, then sign an MOU with a nearby hotel with wi-fi connection, so that delivery can be...
Dear Rajesh, Do not expect a specific answer based on the minute details you have provided. Look at your risks and requirements and align your BCP/DR...
Wow. Did you have insider information on what type of BPO Rajesh is working at? I know of a 10-man BPO (small size not even Mid) that does content conversion....
Rajesh, Your BCP/DR solution for "Deliverables" should be derived from kind of Service Level Agreements you have committed to your Client. Those should provide...
Hi The certification is for management system, it can be any management system( Production, testing or design and development anything). May be a call centre,...
... yes in fact or theory u can but if auditor asks that how you include new systems to whole system and if u say directly then u have to define your risks at...
Our consultant claims that the Auditor can do Phase 1 and Phase 2 audit in a one, 3 days trip, is this true? Is there any rule about Phase 1 and Phase 2 audits...
Yes it is possible. Stage 1 is checking your management system in "theory". Stage 2 is checking the application or implementation. If you pass Stage 1 or if...
My scope is dependent on my business needs and not what the auditor thinks. I don't care what the auditor thinks about my scope. At the end of the day,...
... ISO/IEC 27006:2006 "Requirements for bodies providing audit and certification of information security management systems" defines following: <snippet> ...
Andreas Rauer
Andreas.Rauer@...
Mar 23, 2009 9:15 am
370
Hi friends, Can anyone help me what the ISMF (Information Security Management Forum) should exactly do? I would appreciate if anyone could send me the roles...
Hi Guys, I am in the process of preparing a GAP analysis report for ISMS implementation in our company. Can anyone suggest me how to do the cost benefit...
Hello All, I’m relatively new over here, as the company I belong to is also looking for the implementation and certification of ISO 27001. By going through the...
I don't think anybody will be able to help you on this... If there is anything regarding the standard you can contact again. For equipments you need to get in...
· Ensuring that Information security objectives and plans are established for ISMS. · Communicating to the organization the...
You will need to find the threats to assets in business process, then find the vulnerability that can exploit that threat. After doing this, you need to find...
hello all i am question threat catalog for risk analysis. attention: risk function=R if dependent variables = V(vulnerability) and T(threat) R(V,T) i used...
None is required. Additional investment shall be commensurate to your risks and business needs. Richard Regalado ________________________________ From: Siddi...
Our consultants want us to add all our company workstations in the Assets inventory list, is this correct? I believe that we should only add the workstations...
Hi Tarek, I think workstations should be in the assets list because the workstation can affect availability. Nam From VietNam. ... From: Tarek El kinawi...
hoang nam
cangua166@...
Apr 27, 2009 7:36 am
380
Tarek, It depends on the topology of the network. If both assets containing non-sensitive and sensitive data reside on the same network and/or are routable...
As per ISO 27001: an organization should maintain an updated asset inventory. In this case the consultant is telling right. This task can be designated to some...
All the assets which affect the security CIA triad, i.e. confidentiality, integrity and availability, need to be considered in the asset. Desktops although does...
Thank you all for your feedback. I am getting 3 directions from the feedback: 1- Consider all the workstations in the assets inventory. So consider the asset...