    All posts by: Rhand Leal

    How ISO 27001 can help suppliers comply with U.S. DFARS 7012
    DFARS 7012 is an example of how customers’ concerns about protecting their information in the custody of suppliers and outsourced services have led to the establishment of ever more complex security requirements for those who...
    How to demonstrate resource provision in ISO 27001
    The availability of resources is a critical point in any endeavor. You can have the best ideas and the best intentions, but if you lack resources you are doomed to failure. So, it may seem...
    How to apply information security controls in teleworking according to ISO 27001
    Allowing employees to work away from the office, i.e., outside of the physical premises of the organization (otherwise known as “teleworking”) is becoming a common practice in the way business is done today. The ability...
    How to identify ISMS requirements of interested parties in ISO 27001
    “If you do not know where you’re going, you’re unlikely to end there.” This saying from the title character in the movie Forrest Gump describes perfectly why many projects fail: lack of clear requirements. Definition...
    How to integrate ISO 27001 A.14 controls into the system/software development life cycle (SDLC)
    Information security is only as good as the processes related to it, yet we find many organizations concerned only about whether security features exist and are active in their information systems, and not how they...
    How two-factor authentication enables compliance with ISO 27001 access controls
    Access control is one of the cornerstones of security. If you cannot control who accesses what, you cannot ensure security at all. Because of that, access control remains a main focus of security teams...