Hi, I would like to start a thread on the following queries. 1. What is the true value of Risk Analysis for your organization? 2. What are the units which you...
Anup- I believe that the true value of risk analysis lies in helping the organization's business managers take risk-based business decisions. This can only be...
ISO 17799:2005 is it 11 sections or 12? The www.ISO.org website shows ISO 17799:2005 as 11 sections, but the "17799.denialinfo.com/whatisiso17799.htm" website...
bala is correct... There are 11 sections in 17799:2005 ...
Hi, This is a thought which has been plaguing me for quite some time. If an organization wants to implement an ISMS using ISO 27001, this is what you would do....
Anup, I read your mail and to some extent I agree with your concerns. Here's what I think will help you get answers to your question. 1. Read the ISO...
Anup- I may partly agree to your comments:-) First of all, let's take the issue related to the ISO 27001. This helps the organizations in designing their...
Hi Anup, You have raised a very good question. Before I start I would like to give you the background. There is a standard called ISO9001. This is a standard...
Business focus is not lost in ISO 27001. It is very much alive and kicking! A fine example that exhibits this presence is when you select your controls and...
Hi, My replies are marked with ** ... ** Yes a good standard and a very abused one too :-) ... ** I agree to your suggestion. But where I feel ISO 27001 fails...
Dear Manish, Let me answer your points marked with ** ... ** Yes I have read it. ... ** I think there is a mistake. Risk assessment in ISO 27001 terminology ...
Hi Anup, I enjoyed every bit of your mail because that is what I felt earlier... but keep this in mind. There is no such process that works automatically,...
Hi, My points are marked with ** ... ** I am sorry, but where is "levels" mentioned in the standard. See, this is your interpretation and it is fine and I like...
Hi, My replies are marked with ** ... ** Risk Assessment reports, as far as I have seen, are made up. The principal problem with Risk Analysis is that it is not...
Hi Anup, Good questions... let me share my thoughts on this... before I start, some loud thinking... getting certified to ISO/IEC 27001:2005 is not THE goal.....
Hi, I think I would like to break off from this thread now, because the whole intention of my mail was for a healthy discussion. Unfortunately some of the...
Dear Anup, Hi, How are you? I am not very experienced on this topic and recently cleared my ISO 27001 ISMS-Certified Implementer course, I have my own...
Hi Anup, It is an open secret that Risk Assessment is a subjective process. Now why are we doing a risk assessment? Just because the std requires it or the...
Dear Colleagues in the ISMS Profession, I respect all the members of this mailing list as experts in the field of ISMS and information security but I guess we...
Hi Anup, Till I saw your mail... I was thinking that our discussion was healthy and I want it to be healthy... OK... since I did not know you... I was just...
It has been really interesting to observe the current thread evolve. Some really interesting questions and sharing of experiences. While most of the questions...
Hi, There has been much hype about risk assessment in the last few days. Even though we have certain best practices around, I took inputs from the following 1....
Hi, I think ISM3 would not be appropriately discussed on this forum because this forum stands for ISO 27001. ISM3 has a separate Yahoo Group. I would also like...
I could see many interesting points raised on this thread. There may be arguments for or against any topic & such discussions become very complex when we are...
Hi, I would like to add my 2 cents to the discussion. I will try to be as specific as possible. *** 1.- Controls / Processes A control has no defined output. A...
Hi, Before I start I wish to say to the group that I am not marketing ISO27001; I am only sharing my thoughts on ISO27001 as to how I have perceived it....
... Yes, I am a critic of ISO 27001 but not an ISO 27001 basher. I have my ... I agree too. For example, let me use the example which Bala has mentioned in...