Help required getting ISO compliant.
Hi guys, I'm a current college studying, intern in an IT startup. I have been given the task of getting the company ISO complaint. I have done a meticulous study about ISO standards particularly the 27001 and 27701 standard. Theoretically i have understood what the framework is. Although, now since i have to practically implement it, i'm a little lost as to how to initiate and get everything ready for auditing, like what and how to get things documented. The ISO given framework only sets out vague straightforward stuff like 'do a risk assessment' but does not state how to do it and so on. Any tips and experiences on how I should proceed would be of great help
At Cyber Info, we strive to empower every individual with easy access to cybersecurity education
179,586Members
Resources
Recent Announcements
Similar Threads
Was this page helpful?
