• (0)

    Download free ISO 27001 & ISO 22301 materials

    ISO 27001 & ISO 22301 White papers (24)

    Checklist of cyber threats & safeguards when working from home

    Checklist of cyber threats & safeguards when working from home (PDF)

    White paper

    This white paper outlines the key cyber threats and vulnerabilities to address when working from home. The checklist explains 3 levels of threats and 21 vulnerabilities, as well as the safeguards that need to be established according to ISO 27001.

    Click to download
    Checklist of ISO 22301:2019 mandatory documentation

    Checklist of ISO 22301:2019 mandatory documentation (PDF)

    White paper

    This white paper is intended for business continuity managers and project managers who need to implement the standard. This helpful document gives an overview on what are ISO 22301 mandatory documents and records, together with the most commonly used non-mandatory documents.

    Click to download
    How to perform an internal audit using ISO 19011

    How to perform an internal audit using ISO 19011 (PDF)

    White paper

    This white paper is intended for companies that need to perform an internal audit as part of their ISO 27001 management system. Learn how ISO 19011 can help you, and read about principles of auditing, auditor characteristics, and steps for internal auditing according to this standard.

    Click to download
    What to expect at the ISO certification audit: What the auditor can and cannot do

    What to expect at the ISO certification audit: What the auditor can and cannot do (PDF)

    White paper

    This white paper is intended for information security managers and consultants in companies which already implemented quality standard(s) and need guidance on what to expect at the ISO certification audit.

    Click to download
    How is ISO 27001 applicable for Software-as-a-Service companies?

    How is ISO 27001 applicable for Software-as-a-Service companies? (PDF)

    White paper

    This white paper is intended for decision makers, information security managers, IT service managers, consultants and other employees in Software-as-a-Service companies that haven’t yet implemented ISO 27001. This helpful document gives an overview of benefits that the implementation of ISO 27001 can bring for SaaS business.

    Click to download
    Step-by-step explanation of ISO 27001/ISO 27005 risk management

    Step-by-step explanation of ISO 27001/ISO 27005 risk management (PDF)

    White paper

    This white paper is intended for Project managers, Information Security Manager, Data protection officers, Chief Information Security Officers and other employees who need guidance on how to implement risk management according to ISO 27001/ISO 27005. Get an overview of the risk management process, tasks you should consider while implementing the ISO 27001/ISO 27005 risk management and links to additional resources that will help you understand risk management.

    Click to download
    How to integrate ISO 27001, COBIT, and NIST

    How to integrate ISO 27001, COBIT, and NIST (PDF)

    White paper

    This white paper outlines ISO 27001, the COBIT framework for information technology (IT) management and IT governance, and the NIST Cyber Security Framework. By demonstrating the similarities and differences, it also clarifies how they can be used together at the same time during an information security implementation project to improve information protection.

    Click to download
    How to implement the NIST Cyber Security Framework using ISO 27001

    How to implement the NIST Cyber Security Framework using ISO 27001 (PDF)

    White paper

    This white paper outlines a US-based method of minimizing cybernetic risk, by discussing how to implement the NIST Cyber Security Framework using ISO 27001. By demonstrating the similarities and differences, it also clarifies how to integrate them successfully.

    Click to download
    ISO 27001 vs. ISO 22301 matrix

    ISO 27001 vs. ISO 22301 matrix (PDF)

    White paper

    This matrix shows relationships between the clauses of ISO 27001 and ISO 22301, and gives an overview of common requirements of these two standards with tips on how to fulfill them with as little documentation as possible. The purpose of this matrix is to present possibilities for combining these two systems in organizations that plan to implement both standards at the same time, or already have one standard and want to implement the other one.

    Click to download
    What is EU GDPR and how can ISO 27001 help?

    What is EU GDPR and how can ISO 27001 help? (PDF)

    White paper

    Understanding how ISO 27001 fits in alignment with EU GDPR can help organizations comply with these new European regulations. This document explains the relationship between EU GDPR and ISO 27001, while demonstrating how to go about protecting personal data. You will also learn whether you need to be EU GDPR compliant, and if ISO 27001 alone is adequate for compliance.

    Click to download
    Clause-by-clause explanation of ISO 27001

    Clause-by-clause explanation of ISO 27001 (PDF)

    White paper

    This document explains each clause of ISO 27001 and provides guidelines on what needs to be done to meet each requirement of the standard. It also gives insight into how to apply a process approach, and how to plan and analyze processes within the organization, helping you to understand how to establish and maintain an ISO 27001-based Information Security Management system (ISMS).

    Click to download
    Clause-by-clause explanation of ISO 22301

    Clause-by-clause explanation of ISO 22301 (PDF)

    White paper

    This document explains each clause of ISO 22301 and provides guidelines on what needs to be done to meet each requirement of the standard. It also gives insight into how to apply a process approach, and how to plan and analyze processes within the organization – helping you to understand how your BCMS can reach its full potential.

    Click to download
    Implementing ISO 27001 with a consultant vs. DIY approach

    Implementing ISO 27001 with a consultant vs. DIY approach (PDF)

    White paper

    When implementing ISO 27001 you may find it daunting deciding which method to follow. This white paper outlines the pros and cons of both going it alone, and hiring a consultant. It offers detail on both techniques, helping you make an informed decision as to which is the most suitable approach for your business.

    Click to download
    How to Budget an ISO 27001 Implementation Project

    How to Budget an ISO 27001 Implementation Project (PDF)

    White paper

    Implementing a project like ISO 27001 can be costly if you do not budget in advance. This white paper aims to help you budget effectively, and prevent any unnecessary expenses from occurring. Not only will you learn budgeting benefits and tips, but also how different implementation options can impact your overall budget.

    Click to download
    Integration of Information Security, IT and Corporate Governance

    Integration of Information Security, IT and Corporate Governance (PDF)

    White paper

    This white paper explains how to integrate Information Security, IT and Corporate Governance, in the best possible way. It guides you though main principles of corporate governance and lists all the similarities and differences between all three types of governance. The white paper also lists tools available for you to use in this process to make it effortless and stress-free.

    Click to download
    ISO 27001 vs. ISO 20000 matrix

    ISO 27001 vs. ISO 20000 matrix (PDF)

    White paper

    The matrix shows relationships between clauses of ISO 27001 and ISO 20000, and gives an overview of common requirements of these two standards with tips on how to fulfill them with as little documentation as possible. The purpose of this matrix is to present possibilities for combining these two systems in organizations that plan to implement both standards at the same time or already have one standard and want to implement the other one.

    Click to download
    Applicability of ISO 27001 divided by industry

    Applicability of ISO 27001 divided by industry (PDF)

    White paper

    This is a list of the most common information security issues that can be resolved by ISO 27001 implementation, divided by industry. This is a very useful document if you need to present to your management what your peer companies are doing.

    Click to download
    ISO 27001 vs. ISO 9001 matrix

    ISO 27001 vs. ISO 9001 matrix (PDF)

    White paper

    The matrix shows relationships between clauses of ISO 27001 and ISO 9001, and gives an overview of common requirements of these two standards with tips on how to fulfill them with as little documentation as possible. The purpose of this document is to present possibilities for combining these two systems in organizations that plan to implement both standards at the same time or already have one standard and want to implement the other one.

    Click to download
    Checklist of mandatory documentation required by ISO 27001:2013

    Checklist of mandatory documentation required by ISO 27001:2013 (PDF)

    White paper

    White paper that lists all the mandatory documents and records, but also briefly describes how to structure each document. This paper is ideal for all the companies that begin their ISMS implementation - it gives a perfect overview of which documents will be required, and where to place them.

    Click to download
    How online tools are revolutionizing ISO 27001 and ISO 22301 implementation

    How online tools are revolutionizing ISO 27001 and ISO 22301 implementation (PDF)

    White paper

    In this white paper we will look at each of the implementation options (hire a consultant, do it on your own without support, or use the online tools) in more detail, providing an easy comparison for decision making.

    Click to download
    ISO 27001 Case study for data centers

    ISO 27001 Case study for data centers (PDF)

    White paper

    An interview with the CEO of a smaller data center that shows how the implementation of ISO 27001 can benefit organizations from this industry. In this paper, the CEO discusses very openly which obstacles they found while implementing ISO 27001, and how they are using this standard to compete in the market.

    Click to download
    Twelve-step transition process from ISO 27001:2005 to 2013 revision

    Twelve-step transition process from ISO 27001:2005 to 2013 revision (PDF)

    White paper

    This white paper is intended for companies that have implemented the ISO 27001 2005 revision, and are planning to transition to the 2013 revision. The paper describes the suggested steps in the process.

    Click to download

    Presentations (3)

    Project Plan for ISO 27001 Implementation

    Project Plan for ISO 27001 Implementation (MS PowerPoint)

    Presentation

    Short presentation intended for chief security officers, project managers and other employees. This presentation will help clearly define the objectives of the Information Security Management System (ISMS) implementation project, documents to be written, deadlines, and roles and responsibilities in the project.

    Click to download
    Project proposal for ISO 27001 implementation

    Project proposal for ISO 27001 implementation (MS PowerPoint)

    Presentation

    Obtaining management support for implementation of ISO 27001 is not an easy task. You need to show them clearly and succinctly why this project is important for your company. With our Project Proposal template in PowerPoint, you’ll have a head start in earning management’s support and make sure that no important information is left out.

    Click to download
    Why ISO 27001 – Awareness presentation

    Why ISO 27001 – Awareness presentation (MS PowerPoint)

    Presentation

    Short presentation intended for employees that shows what ISO 27001 is all about, why is it good for the company – and also for themselves, and what is their role in handling information security.

    Click to download

    Templates (2)

    Project proposal for ISO 27001 / ISO 22301 implementation

    Project proposal for ISO 27001 / ISO 22301 implementation (MS Word)

    Template

    Template of a document you can use to propose the implementation of ISO 27001 and/or ISO 22301 to your top management. It contains the following sections: Purpose, Reasoning, Project objectives, Project duration, Responsibilities, Resources, and Deliverables.

    Click to download
    Project plan for ISO 27001 / ISO 22301 implementation

    Project plan for ISO 27001 / ISO 22301 implementation (MS Word)

    Template

    The purpose of the Project Plan is to clearly define the objective of the Information Security Management System (ISMS) implementation project, documents to be written, deadlines, and roles and responsibilities in the project.

    Click to download

    Checklists (10)

    Asset List for ISO 27001 Risk Assessment

    Asset List for ISO 27001 Risk Assessment (MS Word)

    Checklist

    A checklist that will provide you with the list of assets to be used as a guide during the asset-based risk assessment process. The checklist outlines 3 major steps during the development of the asset list and includes examples of key asset categories, elements, and owners.

    Click to download
    Diagram of 6 steps in ISO 27001/ISO 27005 risk management

    Diagram of 6 steps in ISO 27001/ISO 27005 risk management (PDF)

    Diagram

    This diagram presents the six basic steps in the ISO 27001/ISO 27005 risk management process, starting with defining how to assess the risks, and ending with creating the implementation plan for risk controls.

    Click to download
    Diagram of ISO 27001:2013 Risk Assessment and Treatment process

    Diagram of ISO 27001:2013 Risk Assessment and Treatment process (PDF)

    Diagram

    Diagram that shows the ISO 27001 Risk Assessment and Treatment process, considering an asset – threat – vulnerability approach.

    Click to download
    List of Questions to ask an ISO 27001 or ISO 22301 certification body

    List of Questions to ask an ISO 27001 or ISO 22301 certification body (MS Word)

    Checklist

    Which certification body is right for you? Consider these questions when deciding which registration body to hire for your ISO 27001 and/or ISO 22301 certification. This list contains 15 questions that will enable you to choose the right partner for this important step.

    Click to download
    List of questions to ask your ISO 27001/ISO 22301 consultant

    List of questions to ask your ISO 27001/ISO 22301 consultant (MS Word)

    Checklist

    Before deciding about hiring a consultant for your ISO 27001 and/or ISO 22301 implementation, consider these questions and use them to evaluate potential consultants.

    Click to download
    Diagram of ISO 27001:2013 Implementation

    Diagram of ISO 27001:2013 Implementation (PDF)

    Diagram

    Diagram that shows the ISO 27001 implementation process, from the beginning of the project to the certification.

    Click to download
    Diagram of ISO 22301 implementation process

    Diagram of ISO 22301 implementation process (PDF)

    Diagram

    Diagram that shows the ISO 22301 implementation process, from the beginning of the project to the certification.

    Click to download
    Diagram of BS 25999 implementation process

    Diagram of BS 25999 implementation process (PDF)

    Diagram

    Diagram that shows the BS 25999-2 implementation process, from the beginning of the project to the certification.

    Click to download
    Project checklist for ISO 27001 implementation

    Project checklist for ISO 27001 implementation (MS Word)

    Checklist

    A checklist that will enable you to keep track of all steps during the ISO 27001 implementation project. The checklist has 14 major steps and 44 tasks, starting with obtaining management support all the way through to certification audit.

    Click to download
    Project checklist for ISO 22301 implementation

    Project checklist for ISO 22301 implementation (MS Word)

    Checklist

    A checklist that will enable you to keep track of all steps during the ISO 22301 implementation project. The checklist has 17 major steps and 51 tasks, starting with obtaining management support all the way through to certification audit.

    Click to download
    expert-en

    Dejan Kosutic
    Lead ISO 27001/ISO 22301 Expert

    Need a simple explanation of what you need to do?

    SCHEDULE FREE CONSULTATION

    Advanced Search

    Search here for any material about
    ISO 27001 and ISO 22301 implementation

    About 27001Academy

     

    27001Academy is one of the Academies of Advisera.com. Advisera specializes in helping organizations implement top international standards and frameworks such as EU GDPR, ISO 27001, ISO 9001, ISO 13485, ISO 14001, ISO 45001, IATF 16949, ISO/IEC 17025, AS9100, ISO 20000 and ITIL. Over the years, Advisera has become a global leader in the provision of web-based training and documentation for ISO 27001 (information security management) and ISO 22301 (business continuity management).

    Our products are of best-in-class quality. With a proven performance record of successful implementations in more than 100 countries, our world-class customer support ensures success. Read more about the 27001Academy here.

     

    100% Secure Online Billing

     

    We use Secure Socket Layer (SSL) technology, the industry standard and among the best available today for secure online commerce transactions. All of your personal information, including credit card number, name, and address is encrypted so it cannot be read during transmission. You are protected by your credit card company in the case of a fraudulent transaction with any purchase.

    cards

    AES-128bit SSL safe Privacy Policy

    Online payment services are provided by BlueSnap and 2Checkout.