Elsmar Cove Quality DiscussionsISO/IEC 27001 - Issue during implementation of systemThe Cove Business Standards Discussion Forums More Free Files Forum Discussion Thread Post Attachments Listing Cove Discussion Forums Main Page
ISO/IEC 27001 - Issue during implementation of system
UL - Underwriters Laboratories - Health Sciences
ISO/IEC 27001 - Issue during implementation of system
ISO/IEC 27001 - Issue during implementation of system
ISO/IEC 27001 - Issue during implementation of system
ISO/IEC 27001 - Issue during implementation of system
ISO/IEC 27001 - Issue during implementation of system
ISO/IEC 27001 - Issue during implementation of system
ISO/IEC 27001 - Issue during implementation of system
Go Back   The Elsmar Cove Business Systems and Standards Discussion Forums > >
Forum Username

Elsmar Cove Forum Visitor Notice(s)

Wooden Line

ISO/IEC 27001 - Issue during implementation of system


Elsmar XML RSS Feed
Elsmar Cove Forum RSS Feed

Monitor the Elsmar Forum
Sponsor Links




Courtesy Quick Links


Links Elsmar Cove visitors will find useful in the quest for knowledge and support:

Jennifer Kirley's
Conway Business Services


Howard's
International Quality Services


Marcelo Antunes'
SQR Consulting, and
Medical Devices Expert Forum


Bob Doering
Bob Doering's Blogs and,
Correct SPC - Precision Machining


Ajit Basrur
Claritas Consulting, LLC



International Standards Bodies - World Wide Standards Bodies

AIAG - Automotive Industry Action Group

ASQ - American Society for Quality

International Organization for Standardization - ISO Standards and Information

NIST's Engineering Statistics Handbook

IRCA - International Register of Certified Auditors

SAE - Society of Automotive Engineers

Quality Digest

IEST - Institute of Environmental Sciences and Technology


Some Related Topic Tags
iso 27001 - information security management system (isms)
Reply
 
Thread Tools Search this Thread Rate Thread Content Display Modes
  Post Number #1  
Old 26th March 2018, 05:05 PM
Akinom

 
 
Total Posts: 2
Please Help! ISO/IEC 27001 - Issue during implementation of system

Hi All,

ISO/IEC 27001 topics are new for me.
I would like to ask you for support in below question.

As a requirement of our customer we are implementing ISO/IEC 27001 in part of our organization. We are working in customer's systems on his network (some kind of database). The assets we would like to protect are information to which we have access via this system and data which we save in this system (on line working). For protect these assets we implemented required by customer controls.

In addition, to implement ISO/IEC 27001 we are creating procedures, polices, records which will be maintain on our network.
Key process is supported by processes such as facility management process, quality and hr.

Here my question comes:
In this case, is there a possibility to exclude our IT?

Thank you in advance for all responses.

Sponsored Links
  Post Number #2  
Old 27th March 2018, 09:03 AM
mihzago

 
 
Total Posts: 189
Re: ISO/IEC 27001 - Issue during implementation of system

what does your IT do? are they simply a help desk to assist your employees with computer issues or maintaining internal network that is completely separate from the customer, including data, documentation and interfaces? - then maybe, but if you're including HR and facilities management, then I don't know how you can justify excluding IT.

if your IT is involved in supporting or maintaining any resources (hardware, software, people) used for development or interface with the customer's system (for example you mentioned that you implemented controls required by the customer), then you definitely cannot exclude.
  Post Number #3  
Old 27th March 2018, 01:52 PM
Akinom

 
 
Total Posts: 2
Re: ISO/IEC 27001 - Issue during implementation of system

In this case our IT is seperated from customer network.
All settings related to customer network were done by suppliers choosen by customer. All problems related with customer hardware, connection and base will be reported to customer's help desk.

ISMS documentation and records will be maintain in our base. To communication with customer we will use our e-mail accounts.
Facility management supports us in ACS and things related to buildings (like media, cleaning and security staff) .
HR - hiring employees and terminate of employment, training and maintaining personal files.
  Post Number #4  
Old 4th April 2018, 02:49 AM
smohanarangan

 
 
Total Posts: 17
Re: ISO/IEC 27001 - Issue during implementation of system

Quote:
In Reply to Parent Post by Akinom View Post

Hi All,

ISO/IEC 27001 topics are new for me.
I would like to ask you for support in below question.

As a requirement of our customer we are implementing ISO/IEC 27001 in part of our organization. We are working in customer's systems on his network (some kind of database). The assets we would like to protect are information to which we have access via this system and data which we save in this system (on line working). For protect these assets we implemented required by customer controls.

In addition, to implement ISO/IEC 27001 we are creating procedures, polices, records which will be maintain on our network.
Key process is supported by processes such as facility management process, quality and hr.

Here my question comes:
In this case, is there a possibility to exclude our IT?

Thank you in advance for all responses.
I don't think we can exclude IT as most of control is for IT. You can include client dB as out-of-scope if it he being owned by client.
Reply

Lower Navigation Bar
Go Back   The Elsmar Cove Business Systems and Standards Discussion Forums > >

Bookmarks



Visitors Currently Viewing this Thread: 1 (0 Registered Visitors (Members) and 1 Unregistered Guest Visitors)
 
Thread Tools Search this Thread
Search this Thread:

Advanced Forum Search
Display Modes Rate Thread Content
Rate Thread Content:

Forum Posting Settings
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Emoticons are On
[IMG] code is On
HTML code is Off


Similar Discussion Threads
Discussion Thread Title Thread Starter Forum Replies Last Post or Poll Vote
ISMS implementation - ISO 27001: 2013 Company Objectives A1S2H3I4T5H IEC 27001 - Information Security Management Systems (ISMS) 1 1st February 2018 12:18 PM
ISO 27001 Implementation and Metrics Guide Richard Regalado Other ISO and International Standards and European Regulations 8 10th June 2015 01:59 AM
ISO 27001:2005 ISMS implementation process & Procedure ameerjani007 IEC 27001 - Information Security Management Systems (ISMS) 3 17th September 2013 03:38 AM
ISO 27001 Implementation in the Automotive Industry AnnaW IEC 27001 - Information Security Management Systems (ISMS) 10 23rd January 2013 10:38 AM
ISO 27001 Implementation Map Richard Regalado Other ISO and International Standards and European Regulations 2 14th September 2008 01:19 PM



The time now is 08:07 AM. All times are GMT -4.
Your time zone can be changed in your UserCP --> Options.



Misc. Internal Links


NOTE: This forum uses "Cookies"

The Elsmar Cove is currently owned by the Marc Smith Retirement Trust and operated by Law-Nutz Wyoming©2018