ISO 27001 information security event vs. incident vs. non-compliance
Rhand Leal
No environment can be 100% secure. Problems (which can be broadly described as “occurrences” or “deviations”) will happen, but not...
No environment can be 100% secure. Problems (which can be broadly described as “occurrences” or “deviations”) will happen, but not all problems need to be treated the same way, and this can have a significant...
RACI matrix for ISO 27001 implementation project
Very often, an ISO 27001 implementation project is a multi-level and multidisciplinary endeavor, where personnel involved have different roles and responsibilities...
Very often, an ISO 27001 implementation project is a multi-level and multidisciplinary endeavor, where personnel involved have different roles and responsibilities as the project progresses. To help clarify and control personnel involvement, many projects make use...
Does ISO 27001 help CCPA compliance?
In the wake of the increasing concerns over privacy protection, the U.S. state of California passed a new regulation at...
In the wake of the increasing concerns over privacy protection, the U.S. state of California passed a new regulation at the end of June of this year to ensure the protection of Californian consumers. Coming...
What to consider in case of termination or change of employment according to ISO 27001
As relationships between people and organizations evolve, it is natural for work situations to change. Concluded contracts lead to termination...
As relationships between people and organizations evolve, it is natural for work situations to change. Concluded contracts lead to termination of employment relationships, and opportunities or gaps in roles or functions lead people to relocate...
How to define context of the organization according to ISO 27001
Since the release of the 2013 revision of ISO 27001, its clause 4.1 requiring the identification of the organizational context...
Since the release of the 2013 revision of ISO 27001, its clause 4.1 requiring the identification of the organizational context has been causing quite some confusion, because it is rather vague. What must you consider...
What to consider in security terms and conditions for employees according to ISO 27001
A good way to ensure that people are aware of their roles and responsibilities in an organization is by defining...
A good way to ensure that people are aware of their roles and responsibilities in an organization is by defining policies and procedures to be followed. But this solution has a limitation: they only cover...
Dejan Kosutic 
Advisera is Exemplar Global Certified TPECS Provider for the IS, QM, EM, TL and AU Competency Units.
ITIL® is a registered trade mark of AXELOS Limited. Used under licence of AXELOS Limited. All rights reserved.
DNV GL Business Assurance is one of the leading providers of accredited management systems certification.
