ISO-27001-ISO-22301-blog

    All posts by: Rhand Leal

    Understanding ISO 27001 Language
    One of the main rules of good communication is to adjust your speech to the target audience. ISO 27001 has its...
    One of the main rules of good communication is to adjust your speech to the target audience. ISO 27001 has its own set of terms, useful to leverage the understanding between security practitioners. However, an organization...
    Achieving continual improvement through the use of maturity models
    Like any other ISO management system, ISO 27001 has a requirement for continual improvement (clause 10.2). It is like that because...
    Like any other ISO management system, ISO 27001 has a requirement for continual improvement (clause 10.2). It is like that because no process, no matter how well established and implemented, compliant with ISO standards or not,...
    Special interest groups: A useful resource to support your ISMS
    An Information Security Management System (ISMS) is only as good as its ability to keep up with the requirements of...
    An Information Security Management System (ISMS) is only as good as its ability to keep up with the requirements of the business and provide adequate protection against the risks the organization is exposed to. To...
    How personal certificates can help your company’s ISMS
    One of the greatest challenges in managing information security is assuring that people can handle information and execute security activities...
    One of the greatest challenges in managing information security is assuring that people can handle information and execute security activities in a proper manner. Unprepared and untrained people can pose a risk to information, and...
    Risk appetite and its influence over ISO 27001 implementation
    Clause 6.1.2 (a) (1) of ISO 27001:2013 states that an organization must establish and maintain information security risk criteria, and those...
    Clause 6.1.2 (a) (1) of ISO 27001:2013 states that an organization must establish and maintain information security risk criteria, and those must include criteria for risk acceptance. Since these criteria have direct influence on how organizational...
    Mandatory documents required by 2019 revision of ISO 22301
    Updated according to ISO 22301:2019. What should your business continuity documentation contain? This is probably what you’re asking yourself if...
    Updated according to ISO 22301:2019. What should your business continuity documentation contain? This is probably what you’re asking yourself if you are implementing ISO 22301, preparing for the internal audit, or preparing for the certification...