How to implement network segregation according to ISO 27001 control A.13.1.3
Update 2022-09-06. Think about a house, or office, with only one big space where you can arrange all your loved and precious things the way you think most appropriate. Tempting, isn’t it? The flexibility to...
ISO 27001 project management: Implementing complex security controls using Work Breakdown Structure (WBS)
What do diverse situations like the Battle of Trafalgar (1805), the Cooley–Tukey FFT algorithm (1965), and the multi-sided market competition have in common? They are all examples of big or complex problems divided into smaller...
How to manage technical vulnerabilities according to ISO 27001 control A.12.6.1
You have certainly already heard, or lived, this scenario: it is a normal day and the systems are working fine, when suddenly they slow down for no apparent reason or simply stop. User support starts...
What is a BYOD policy, and how can you easily write one using ISO 27001 controls?
One would expect that ISO 27001, the leading information security standard, would have strict requirements regarding BYOD. However, you would be surprised – such requirements do not exist, and what’s more, BYOD is ever mentioned...
How to perform monitoring and measurement in ISO 27001
Performance monitoring and measurement are key actions in the maintenance and improvement of any system. (See this article for more information: Achieving continual improvement through the use of maturity models.) ISO 27001 recognizes their importance in...
ISO 27001 Certification: What’s next after receiving the audit report?
For those who already run a management system, like an ISMS based on ISO 27001, the certification audit event is already known: the auditor arrives, performs the audit opening, evaluates processes and records, states the result,...