
The ISO 27001 & ISO 22301 Blog


ISO 27001 vs. ISO 27032 cybersecurity standard

There are many standards in the ISO 27001 series, all related to security. You probably don’t know much about ISO 27032:2012 because it is not as well-known as ISO 27001, ISO 27002, or ISO 22301, but it is near you, because it has to do with a place that you …


How to handle access control according to ISO 27001

Access control is usually perceived as a technical activity that has to do with opening accounts, setting passwords, and similar stuff – and it is true: access control does include all these things, but access control doesn’t begin as a technical thing. It begins as a business decision. Let’s see …


Which questions will the ISO 27001 certification auditor ask?

If you’re going to go through the process of an ISO 27001 certification audit in your company, surely you have wondered – What will the auditor ask me? And you know what? The auditor also has questions for himself, for example: What type of answers will I receive? Most auditors …


How to make your investment in ISO 27001 profitable

Nothing motivates executives more than profits; so, if you’re proposing your ISO 27001 project to your top management, you should figure out how this project can increase the profit of your company. “But how?” you may be wondering. “Profit cannot be created with this kind of a project; there are …


How to manage security in project management according to ISO 27001 A.6.1.5

Security in project management is a completely new thing in the 2013 revision of ISO 27001 – many people are wondering how to set it up, and whether their projects should be covered with this control at all. Read this article to find the answers… It is likely that you’ve heard …


Applicability of ISO 27001 across industries

People often mistake ISO 27001 for an IT standard, as something that is applicable to the IT industry only. And they are partially right – lots of IT companies are going for ISO 27001 because they see it as good for their businesses. However, this is only half of the story …


Infographic: The brain of an ISO auditor – What to expect at a certification audit

If your company is going for the ISO certification (e.g., ISO 9001, ISO 14001, OHSAS 18001, ISO 20000, ISO 22000, ISO 22301, or ISO 27001), you’re probably not very happy about it – certification auditors are usually perceived as persons who are not very open minded and who will …


How to use ISO 22301 for the implementation of business continuity in ISO 27001

One of the biggest mysteries in ISO 27001 implementation is the Annex A section A.17, which speaks about business continuity management. How does business continuity relate to information security, and why is it included in ISO 27001? Unfortunately, ISO 27001 does not provide much detail when it comes to business continuity. …


How to perform monitoring and measurement in ISO 27001

Performance monitoring and measurement are key actions in the maintenance and improvement of any system. (See this article for more information: Achieving continual improvement through the use of maturity models.) ISO 27001 recognizes their importance in clause 9.1 (Monitoring, measurement, analysis and evaluation), defining requirements to be observed when implementing such …


How to use firewalls in ISO 27001 and ISO 27002 implementation

A firewall is basically software that manages connections between different networks (internal or external), and has the ability to accept a connection, reject it, or filter it under certain parameters. Because this is a key component in any organization, we can consider it as if it were the door of …

