Видео

Yes Ryan. This is part of the overall puzzle. This policy meets the requirements for having a cloud services policy and the requirements for cloud providers but remember that the standard is made up of many policies and Annex A controls that address specifics such as access control, network security, physical security, anti malware and much much more. The points you raise are addressed, but not here. Which out of context may seem strange but we are creating building blocks to create a house. What ever house you need and want. You can join the Q and A or drop me a 1 to 1 and I can cover for you in more detail than the comments allow. 🙏

One of many additional videos that support this area that will add some context to this 'how to' video - ruclips.net/video/pD9xeH-NlM8/видео.html

Your / You're welcome ☺️

@@StuartBarker Hahaha, so fair man, so fair.

Thank you - I cover what you need in the blog that goes with the video - it is here for reference - hightable.io/iso-27001-annex-a-5-7-threat-intelligence/ 🙏

Thank you! 🙏

Read this blog - hightable.io/iso-27001-when-you-have-no-office/ - but substitute dev ops for physical security. It is the same approach for you. Let me know if that not answer or you have questions but I think it will give you what you need 🙏

@@StuartBarker This helps. Thank you again for your help.

@@StuartBarker That was helpful. Thank you.

You can find it here: hightable.io/product/iso-27001-annex-a-5-2-information-security-roles-and-responsibilities-template/. 🙏🙏🙏🙏

The annex A videos are also on my channel. They are also located in their own playlist. Take a look. 🙏

It is guidance included in the Labelling control. None of the Annex A controls are a requirement. They are a requirement if they mitigate a risk you have. The ISO 27002 standard lists out guidance for you to consider when implementing a control. There are many ways to implement a control and still meet the control objective. ISO 27001 is a risk based system and you are implementing based on risk and business need.

@@StuartBarkerthanks you

On the High Table website is an ISO 27001 reference guide and Annex A reference guide that is a great start. You should also purchase copies of the actual standard. Then maybe watch the videos here. The only real way to learn to any degree that is useful is to do it. Over and over again :) 🙏

Are you factoring into this learning of the standard and consuming all of the training? Your time line is achievable. There are factors I do not know specific to you but on average 3 months is realistic on the parameters you share. So 5 to 6 months is very achievable.

@@StuartBarker Thank you for the information. Exactly, we go through all your training courses. We were also thinking about buying one of your toolkits. (Business Edition). On the other hand, we would also like to do it ‘manually’ and on our own as much as possible for the learning effect. What would you recommend? The main problem is that we don't quite know how to start yet (the whole process). Honestly, many videos say something different about how it should be approached. That's why a structured guide would be beneficial. KR

I cannot vouch for other sites but I can vouch that my system works as you see on the reviews, the comments here etc. Building from scratch will take months if not years. It is doable. There is little value to you in doing it but you can. I have videos on here on how to do that also. I recommend the toolkit, as do others, clearly, and concentrate on the learnings not the typing. You also know it meets the standard. Good luck on which ever route you go. 🙏

@@StuartBarker Many thanks!

Please watch this video for how, options and associated costs of each option: ruclips.net/video/fe1tc9B3it4/видео.html

That will be vendor dependant so I can say on behalf of all vendors, sorry.

🙏

@babyology101 - yes, hightable.io/product/iso27001-threat-intelligence-process-template/ This should help.

I think you have potentially confused concepts of certification and training - for certification costs watch this - ruclips.net/video/fe1tc9B3it4/видео.htmlsi=QN1wTEztjAaXyYu7 if you mean training then you have many options and the cost you quote feels low. You can reach out to me in an ISO 27001 clinic or call - just goto contact on my website - if you need more pointers.

@@StuartBarker I don't know, a friend at work recommended it to me, it's called ISO 27001 Lead Implementer Certficate. 5 training days, followed by a test to earn a cert, I've watched your video, the annual audit fees aren't included, the test fees, I'm unsure-- will need to inquire further, saw the price ranges you listed in the vid description, 1000 usd is indeed cheap in comparison 😅 I'll need to look up more as I honestly don't have enough information to know what to ask you, thank you for opening my eyes. One question though, if I watch your playlist, would I have the basics to implement 27001 in a project or I'd need to take training with a certification body ? As you said, many offer the sky but fail to deliver, there're many offering free courses and I don't know if it's the same material like CompTIA courses or there're branches that I need to be aware of.

Ah - you are talking about training. All of my videos give you everything you need and more for free. These include real world implementation examples. I give all the knowledge away for free. You would know more than you would learn by watching. In time, when you need it, do the book training and get the paper certificate if cost is an issue right now. The channel is set up in playlist - work through them. Good luck !

@@StuartBarker thank you, lucky I came across your channel, also love your advice ''learn in time when you need it'', will do thank you.

Thank you. Kind of you to say. I appreciate the feedback.

I do but I am about 14 videos into 93 for Annex A :) I gotta finish 27001 first 🙏

Thank you. I appreciate the feedback 🙏

Thank you :) I appreciate the positive feedback 🙏

Hi and thanks for the comment and support. All of the ISO 27001 templates are here: hightable.io/iso-27001-store/ - thank you @halvadandu

Fantastic - hope the subscribe for Free ISO 27001 Learnings :) your feedback is appreciated and you are a super star 🌟

Very much appreciate your positive feedback. Thank you. 🙏🏽

Potato / Potatoe 😊. This is great and thanks for watching. As management systems they are all much of a muchness now and becoming aligned. Tweaks to create an integrated management system but not hard. I really appreciate you taking time out. Thank you.

Yes, yes it does lack a large following :) more followers need free learnings on ISO 27001 :) - thank you for comment and feedback. I appreciate it a lot. 🙏🏽

I really appreciate that feedback. Thank you. And thank you for your support. 🙏🏽

Thank you for the feedback. I really appreciate it and glad that it added value. 🙏🏽

It is amazing to hear that it has helped. Be sure to check out the other videos and tutorials. Thank you. 🙏🏽

I have done a simple blog on it here: hightable.io/iso-27001-2022-everything-you-need-to-know/ Amendment one changes short: ruclips.net/user/shortspUMxa2L6JzM Amendment one implementation short: ruclips.net/user/shortsL8hC4ZrrPKc Thanks for watching @gavinneville7410

You are very welcome :) Check out the other tutorial videos in the series 🙏

👀🤣🙏

All about the glasses and the learnings. :) 🙏🏽