Your training is on point. I think you should do the same for Audit with the practical steps and sample datasets.
Very informative and I really liked the structure of the content.
yes ur videos are very practical and to the point
Why is the slide at 16:25 min. position showing 27001:2013 control numbers
A.12.2.1
A.13.1.1
A.18.1.1
A.13.2.1
It was just a reference I took
@PrabhNair1 But the reference must be from 27001:2022 as a complete session based on the newer version as well as the slide saying 93 controls and not 114
@vivekdhandha3919 In my previous consulting we have used this for gap assessment for transition to ISO 27001:13 to 22. Rest point you will see same
@vivekdhandha3919 goal of the video is to give transition view end to end and for legal required if old standard control can be used we can still use for conformity
Perfect points man❤❤
Hi Prabh, could you make a shorts or summary video which lists all the mandatory documents and also the best practice documents for ISO27001 for easy reference?
Crisp & Clear Video👌
Thank you 😃
Thanks Prabh for the content ✌
When should one prepare SoA, before the audit starts or when all controls are discussed based on the risk rating/score?
It can be done as per need
Hi Prabh, I have been following your series; this is a great learning.
However, can you please let me know, if we are referring to ISO 27001:2022, where does the Annex A category come into play? In ISO 27001:2022, there exist 4 heads: organizational, people, physical and technological controls. How do we go about the other Annex A categories?
@Sambhav-y3h Annex A of ISO 27001 is a list of security controls that organizations can use to improve information security.
Is the ISMS summary manual a mandatory document, or is it just a best practice?
@vinesh7665 it's best practice
For A.8.30 Outsourced development, as per the given case study the applicability of controls is No, but the reason for exclusion is "All software and applications used are sourced from third party vendors...". If software and applications are provided by third party vendors, shouldn't there be a control for it like contact, patching etc.? Otherwise who and how is the org going to address the risk emerging from those applications?
@vinesh7665 agree, that is already covered in vendor management