How to demonstrate resource provision in ISO 27001
Rhand Leal
The availability of resources is a critical point in any endeavor. You can have the best ideas and the best...
The availability of resources is a critical point in any endeavor. You can have the best ideas and the best intentions, but if you lack resources you are doomed to failure. So, it may seem...
What to implement first: ISO 22301 or ISO 27001?
Wolfgang Mahr
Implementing ISO management system standards, even with the help of toolkits and consultants, may be a challenging task. In practice,...
Implementing ISO management system standards, even with the help of toolkits and consultants, may be a challenging task. In practice, sometimes it seems appropriate to enhance preparedness and protection in several areas of an organization,...
How to use Scrum for the ISO 27001 implementation project
Antonio Jose Segovia
Scrum is a framework, based on the Agile method, mainly used in software development. Originally, it was developed for complex...
Scrum is a framework, based on the Agile method, mainly used in software development. Originally, it was developed for complex product development, and there are many companies in the world that currently use this framework...
Should information security focus on asset protection, compliance, or corporate governance?
Dejan Kosutic
Traditionally, information security has been perceived as an activity that was built around protecting sensitive information assets – after all,...
Traditionally, information security has been perceived as an activity that was built around protecting sensitive information assets – after all, this is what the first (2005) revision of ISO 27001, and its predecessor BS 7799-2,...
Business Continuity Management vs. Information Security vs. IT Disaster Recovery
For outsiders, it’s not easy to distinguish among the specific purposes of Business Continuity Management (BCM), Information Security (IS), and...
For outsiders, it’s not easy to distinguish among the specific purposes of Business Continuity Management (BCM), Information Security (IS), and IT Disaster Recovery (IT DR). All three areas have something to do with “security,” “losses,”...
Aligning information security with the strategic direction of a company according to ISO 27001
There is one requirement of ISO 27001 that is very rarely mentioned, and yet it is probably crucial for the long-term...
There is one requirement of ISO 27001 that is very rarely mentioned, and yet it is probably crucial for the long-term “survival” of an Information Security Management System (ISMS) in a company: this is the requirement...
