![]() Do we really need to implement control X?.Do we need to risk assess all our information assets?.What should we include in our information asset inventory?.How do we compile an inventory of our information assets?. ![]() Why do some organisations de-scope their ISMSs?.If we limit the scope of our ISMS, how do we treat out-of-scope risks?.How do we define the scope of our ISMS?.Must we involve members from all parts of the business in the ISMS?.Should our CISO report to Quality, IT Operations or the GM?.Is it necessary to appoint an Information Security Manager?.How long will it take us to implement an ISMS?. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |