How to document roles and responsibilities according to ISO 27001
Dejan Kosutic
Information security professionals who are new in ISO 27001 very often tend to think this standard requires a very centralized and very...
Information security professionals who are new in ISO 27001 very often tend to think this standard requires a very centralized and very detailed definition of roles and responsibilities. Actually, this is not true. Please don’t get me...
How ISO 27001 and ISO 27799 complement each other in health organizations
Antonio Jose Segovia
More and more hospitals are interested in protecting their patient information, but they see ISO 27001 as not being specific enough....
More and more hospitals are interested in protecting their patient information, but they see ISO 27001 as not being specific enough. Although it covers many general aspects about information security, you can integrate it with other...
The blessing of continuous improvement in ISO 22301
Wolfgang Mahr
As with any other ISO management standard, not improving is not an option in ISO 22301. Best results can be...
As with any other ISO management standard, not improving is not an option in ISO 22301. Best results can be achieved if improvements are applied to different aspects of the BCM approach. What improvement area...
What is the ISO 27001 Information Security Policy, and how can you write it yourself?
Update 2022-04-08. The content of an Information Security Policy is certainly one of the biggest myths related to ISO 27001...
Update 2022-04-08. The content of an Information Security Policy is certainly one of the biggest myths related to ISO 27001 – very often, the purpose of this document is misunderstood, and in many cases, people...
What is an Information Security Management System (ISMS)?
Updated: November 8, 2023. If you’re working with ISO 27001, you’ve surely came across the term “Information Security Management System”...
Updated: November 8, 2023. If you’re working with ISO 27001, you’ve surely came across the term “Information Security Management System” or ISMS. Pretty vague term, isn’t it? In the following article, we will give you...
How to use NIST SP 800-53 for the implementation of ISO 27001 controls
Rhand Leal
Update 2022-09-07. In my previous article, How to use the NIST SP800 series of standards for ISO 27001 implementation, I...
Update 2022-09-07. In my previous article, How to use the NIST SP800 series of standards for ISO 27001 implementation, I made a description about the NIST SP800 series (documents describing computer security practices, published by...
