How to document roles and responsibilities according to ISO 27001
Information security professionals who are new to ISO 27001 very often tend to think this standard requires a very centralized and very detailed definition of roles and responsibilities. Actually, this is not true. Please don’t get me...
What is the ISO 27001 Information Security Policy, and how can you write it yourself?
Update 2022-04-08. The content of an Information Security Policy is certainly one of the biggest myths related to ISO 27001 – very often, the purpose of this document is misunderstood, and in many cases, people...
What is an Information Security Management System (ISMS)?
Updated: November 8, 2023. If you’re working with ISO 27001, you’ve surely come across the term “Information Security Management System” or ISMS. Pretty vague term, isn’t it? In the following article, we will give you...
ISO 27001 vs. ISO 27017 – Information security controls for cloud services
The future of ISO 27017, together with ISO 27018, seems quite bright: they define security standards for today’s fastest-growing industry – cloud computing. This topic is so big and so hot that these two standards...
3 phases of delivering an ISO 27001/ISO 22301 consulting job
If you’re an independent consultant at the beginning of your career, you’re probably wondering how to perform your first consulting job for ISO 27001 or ISO 22301 implementation. But, don’t worry – here’s what you need...
How to handle access control according to ISO 27001
Updated: March 29, 2023, according to the ISO 27001 2022 revision. Access control is usually perceived as a technical activity that has to do with opening accounts, setting passwords, and similar stuff – and it...