
    All posts by: Dejan Kosutic

    How to document roles and responsibilities according to ISO 27001
    Information security professionals who are new in ISO 27001 very often tend to think this standard requires a very centralized and very detailed definition of roles and responsibilities. Actually, this is not true. Please don’t get me...
    What should you write in your Information Security Policy according to ISO 27001?
    Content of an Information Security Policy is certainly one of the biggest myths related to ISO 27001 – very often the purpose of this document is misunderstood, and in many cases people tend to think...
    What is an Information Security Management System (ISMS) according to ISO 27001?
    If you’ve started an ISO 27001 implementation, you’ve surely come up with the term Information Security Management System or ISMS. Pretty vague term, isn’t it? And yet, the ISMS is the main “product” of ISO...
    4 mitigation options in risk treatment according to ISO 27001
    Most people think risk assessment is the most difficult part of implementing ISO 27001 – true, risk assessment is probably the most complex, but risk treatment is definitely the one that is more strategic and more costly....
    ISO 27001 vs. ISO 27017 – Information security controls for cloud services
    The future of ISO 27017, together with ISO 27018, seems quite bright: they define security standards for today’s fastest-growing industry – cloud computing. This topic is so big and so hot, that these two standards...
    ISO 27001 vs. ISO 27018 – Standard for protecting privacy in the cloud
    Update 2015-12-01: This blog post was updated on the issue of certification. If your company is delivering services in the cloud, you probably have more and more customers asking you how their personal data is...