    ISO-27001-ISO-22301-blog

    All posts by: Rhand Leal

    Understanding ISO 27001 Language
    One of the main rules of good communication is to adjust your speech to the target audience. ISO 27001 has its own set of terms, useful to leverage the understanding between security practitioners. However, an organization...
    Achieving continual improvement through the use of maturity models
    Like any other ISO management system, ISO 27001 has a requirement for continual improvement (clause 10.2). It is like that because no process, no matter how well established and implemented, compliant with ISO standards or not,...
    Special interest groups: A useful resource to support your ISMS
    An Information Security Management System (ISMS) is only as good as its ability to keep up with the requirements of the business and provide adequate protection against the risks the organization is exposed to. To...
    How personal certificates can help your company’s ISMS
    One of the greatest challenges in managing information security is assuring that people can handle information and execute security activities in a proper manner. Unprepared and untrained people can pose a risk to information, and...
    Risk appetite and its influence over ISO 27001 implementation
    Clause 6.1.2 (a) (1) of ISO 27001:2013 states that an organization must establish and maintain information security risk criteria, and those must include criteria for risk acceptance. Since these criteria have direct influence on how organizational...
    NIST Cybersecurity Framework or ISO 27001 – Which is the better choice for your company?
    On February 12, 2014, the National Institute of Standards and Technology (NIST) published Framework for Improving Critical Infrastructure Cybersecurity, commonly known as Cybersecurity Framework. If you already came across ISO 27001, you’re probably wondering: What...