The ISO 27001 & ISO 22301 Blog

Andrea Giesler

Why is it important for your hosting partner to be certified against ISO 27001?

When it comes to choosing suppliers and service providers for your company, you should work with the utmost care. As we will discuss in this article, your company’s success – and even its survival – may depend on it. Today, we take a closer look at why you should go …

Andrea Giesler

What do the ISO 27001 requirements and structure look like?

The ISO 27001 standard offers requirements and a structure that will provide guidance in implementing an Information Security Management System (ISMS). As a management system, ISO 27001 is based on continuous improvement – in this article, you will learn more about how this is reflected in the ISO 27001 requirements …

Andrea Giesler

ISO 27001 for startups – is it worth investing in?

In the days of data breaches and growing public awareness of data protection, startups should take information security seriously. Most startups also need to generate revenue quickly, so securing growth and revenue are their main objectives since everything centers around the idea of bringing a product to the market and …

Neha Yadav

ISO 27001 vs. COBIT: A comparison

We often come across discussions related to comparisons of different governance standards and frameworks, such as ISO 27001 and COBIT. ISO 27001 focuses on information security controls, while on the other hand, COBIT, which is a governance framework, also includes some ISO 27001-related topics such as security, risks, managing changes, …

Kishore Kumar

What to include in an ISO 27001 remote access policy

In this era of data-driven IT, managing and securing your data and information has become the most integral part of running your business. In the article below, we will take you through the best practices to consider for an ISO 27001-compliant remote access policy and effective implementation of information security controls. …

Marja Colak

A success story about implementation of ISO 27001 and 9001: How online platform Doccle did it

Is it possible for a SaaS company to implement ISO standards, and how and why should SaaS companies get certified? On your way to success, this is an important step, and this is just what Doccle did, when it broke out as a unique digital player in Belgium and beyond. …

Gary Hinson

What are the benefits of security awareness training for organizations?

When learning about information security, we become broadly aware of general risks to information plus basic controls through a gradual and widespread educational process, sometimes supplemented with more intensive training in specific areas (such as how to respond to security warnings, and how to recognize and handle privacy issues). This …

Antonio Jose Segovia

How ISO 27001 and TISAX are related

You probably know what ISO 27001 is, because it is an international standard, very popular in the information security sector, that helps organizations of all sectors to protect their information. But, did you know that the automotive industry is also interested in information security, and that they even have their …

Neha Yadav

The most common physical and network controls when implementing ISO 27001 in a data center

Security controls for Data Centers are becoming a huge challenge due to increasing numbers of devices and equipment being added. In this article you will see how to build an ISO 27001-compliant Data Center by identification and effective implementation of information security controls. The article summarizes ISO 27001 Data …

Rhand Leal

Why is ISO 27001 applicable also for paper-based information?

Although digital information has become the generally accepted standard for handling information, there might be situations where organizations still use paper-based information, and this documentation also must be protected according to its sensitivity and importance to the business. While it may be perceived more as a standard related to digital …

Rhand Leal

ISO 27001 information security event vs. incident vs. non-compliance

No environment can be 100% secure. Problems (which can be broadly described as “occurrences” or “deviations”) will happen, but not all problems need to be treated the same way, and this can have a significant impact on the effort, and costs, of security management. This article will present three concepts …

Rhand Leal

RACI matrix for ISO 27001 implementation project

Very often, an ISO 27001 implementation project is a multi-level and multidisciplinary endeavor, where personnel involved have different roles and responsibilities as the project progresses. To help clarify and control personnel involvement, many projects make use of the RACI matrix, and in this article, we’ll show one example of how to …

Antonio Jose Segovia

5 practical tips for media disposal according to ISO 27001

Today, media devices are less common than they were some years ago, because the current trend is the cloud, although there are still a lot of people using pen drives, external hard drives, etc. And, of course, all the information in the cloud is ultimately stored on a server, i.e., …

Rhand Leal

Does ISO 27001 help CCPA compliance?

In the wake of the increasing concerns over privacy protection, the U.S. state of California passed a new regulation at the end of June of this year to ensure the protection of Californian consumers. Coming into force by January 1, 2020, this law requires new levels of commitment by organizations …
