ISO 27001 2013 vs. 2022 revision – What has changed?
ISO 27001 and ISO 27002 are being updated during 2022, so there is a great interest in what will change. Here are the most common questions we typically get, and the detailed explanations....
How to achieve sustainable competitive advantage through cybersecurity
There is no doubt that companies are investing lots of money in cybersecurity lately – of course they are: with so many data breaches and expectations from key clients, this becomes a necessity in doing...
Should information security focus on asset protection, compliance, or corporate governance?
Traditionally, information security has been perceived as an activity that was built around protecting sensitive information assets – after all, this is what the first (2005) revision of ISO 27001, and its predecessor BS 7799-2,...
Aligning information security with the strategic direction of a company according to ISO 27001
There is one requirement of ISO 27001 that is very rarely mentioned, and yet it is probably crucial for the long-term “survival” of an Information Security Management System (ISMS) in a company: this is the requirement...
Where does information security fit into a company?
Very often, I hear controversial discussions about whether information security is part of IT, or whether it should be separate from it, part of some compliance or risk department, etc. But, before we determine who...
4 crucial techniques for convincing your top management about ISO 27001 implementation
Don’t expect your management to understand on their own why ISO 27001 is good for their company – you have to work very hard to convince them. Essentially, you need to have two elements to be...