Comment by 1970-01-01
2 months ago
The risk register is ISO 27001. The "I" in ISO doesn't stand for Internet, it stands for international. You shouldn't be doing business with international customers if you don't have a risk register, which is why they're requesting it.
The D in Democratic People's Republic of Korea means it should be democratic so why is it a dictatorship?
The world doesn't work based on abbreviations. It's very normal for any company to ask you for ISO 27001 whether international or otherwise.
Why is the line drawn at being international?
What is it about customers in Ethiopia that necessitates this? What is it about American (non-international) customers that doesn't require a register?
Shouldn’t according to who? Who appointed ISO to say what should and shouldn’t be done?
The majority of countries that do business today have backed it. You are welcome to ignore it and work against the 160 countries that are using it.
who. Countries are not people.
2 replies →