All over the world, customers are becoming more and more concerned about how vendors working for them can affect their results. As a consequence, they increasingly require evidence showing that the services provided to them are trustworthy, and a way to prove that is by providing a Service Organization Control …
Read More ...All over the world, organizations in the healthcare industry are becoming more and more interested in protecting their patients’ information; but, in the United States, this need goes back to 1996, with the enforcement of HIPAA (Health Insurance Portability and Accountability Act), which regulates the use and disclosure of U.S. …
Read More ...The pandemic has increased organizations’ interest in business continuity, as a way to protect themselves against disruption of their operations. However, in most cases, there is no time to wait for learning about business continuity processes, policies, procedures, and terms. In this article, we offer help in understanding the difference …
Read More ...Think of a circus juggler balancing dishes, bowls, and other flat objects on sticks. He needs to pay constant attention so as not to let them fall, rotating them at sufficient speed and at the right time. This situation is similar to managing investments in security, where the juggler is …
Read More ...In response to the recent COVID-19 outbreak, the International Organization for Standardization (ISO) has provided free access to some of its key standards supporting business continuity management, resilience, and risk management. The standards are available in read-only format, and you can find the links here: ISO 22301:2019 Security and resilience – …
Read More ...If you are an ISO 27001 practitioner, you are a professional trained to establish, implement, maintain, and continually improve a risk-managed Information Security Management System (ISMS). You probably already know that many of your skills and expertise are useful also in implementing the EU GDPR. So, in order to increase …
Read More ...You probably know what the GDPR (General Data Protection Regulation) is, and maybe you also know about information security and the ISO 27001 series standards, but do you know that there is an international standard that is an integration between the general requirements of the GDPR, the Information Security Management …
Read More ...On October 31, 2019, the new revision of the ISO 22301 standard was published. This is the latest revision of the standard on which organizations base their Business Continuity Management Systems (BCMS). This new revision follows an approach similar to that of other ISO management systems, such as ISO 9001 …
Read More ...Why should banks go with ISO 27001? If you know the “Lord of the Rings” saga, the headline of this article probably sounds familiar. “One ring to rule them all” refers to the magic ring with the power to control all other magic rings. Am I saying that ISO 27001 …
Read More ...The new revision of ISO 22301 was finally published on October 31, 2019, and you are probably asking yourself whether you need to implement the whole standard all over again. Well, a new implementation is not quite necessary – although the 2019 revision did bring some changes, they are not …
Read More ...ISO 27001 is about protecting information through a set of requirements that, among other methods, preserve information from unauthorized access or use. Every organization handles a variety of information with different associated risks depending on the people or the functional department to which it refers. Law firms are an example …
Read More ...You have an important project to develop, and you need to hire some external partner, e.g., a SaaS company, to make it to the end. You’ve determined information security to be one of the top-priority criteria that should be fulfilled when deciding which vendor to select for your screening process. …
Read More ...When it comes to choosing suppliers and service providers for your company, you should work with the utmost care. As we will discuss in this article, your company’s success – and even its survival – may depend on it. Today, we take a closer look at why you should go …
Read More ...The ISO 27001 standard offers requirements and a structure that will provide guidance in implementing an Information Security Management System (ISMS). As a management system, ISO 27001 is based on continuous improvement – in this article, you will learn more about how this is reflected in the ISO 27001 requirements …
Read More ...