ISO 27001 in the banking industry: “One standard to rule them all”
Why should banks go with ISO 27001? If you know the “Lord of the Rings” saga, the headline of this article probably sounds familiar. “One ring to rule them all” refers to the magic ring...
Do we need to make the transition from ISO 22301:2012 to the 2019 revision?
The new revision of ISO 22301 was finally published on October 31, 2019, and you are probably asking yourself whether you need to implement the whole standard all over again. Well, a new implementation is...
3 reasons why ISO 27001 helps to protect confidential information in law firms
ISO 27001 is about protecting information through a set of requirements that, among other methods, preserve information from unauthorized access or use. Every organization handles a variety of information with different associated risks depending on...
How to know which firms are ISO 27001 certified
You have an important project to develop, and you need to hire some external partner, e.g., a SaaS company, to make it to the end. You’ve determined information security to be one of the top-priority...
Why is it important for your hosting partner to be certified against ISO 27001?
When it comes to choosing suppliers and service providers for your company, you should work with the utmost care. As we will discuss in this article, your company’s success – and even its survival –...
ISO 27001 for startups – is it worth investing in?
In the days of data breaches and growing public awareness of data protection, startups should take information security seriously. Most startups also need to generate revenue quickly, so securing growth and revenue are their main...
ISO 27001 vs. COBIT: A comparison
Update 2022-04-26. We often come across discussions related to comparisons of different governance standards and frameworks, such as ISO 27001 and COBIT. ISO 27001 focuses on information security controls, while on the other hand, COBIT,...
What is a remote access policy and how do you develop it with ISO 27001?
Update 2022-03-11. In this era of data-driven IT, managing and securing your data / information has become the most integral part of running your business. In the article below, we will take you through the...
A success story about implementation of ISO 27001 and 9001: How online platform Doccle did it
Is it possible for a SaaS company to implement ISO standards, and how and why should SaaS companies get certified? On your way to success, this is an important step, and this is just what...
TISAX – What is it, and how is it related to ISO 27001?
Update 2022-08-11. You probably know what ISO 27001 is, because it is an international standard, very popular in the information security sector, that helps organizations of all sectors to protect their information. But, did you...
The most common physical and network controls when implementing ISO 27001 in a data center
Security controls for Data Centers are becoming a huge challenge due to increasing numbers of devices and equipment being added. In this article you will see how to build an ISO 27001 compliant Data Center...
Why is ISO 27001 applicable also for paper-based information?
Although digital information has become the generally accepted standard for handling information, there might be situations where organizations still use paper-based information, and this documentation also must be protected according to its sensitivity and importance...
ISO 27001 information security event vs. incident vs. non-compliance
Update 2022-04-25. No environment can be 100% secure. Problems (which can be broadly described as “occurrences” or “deviations”) will happen, but not all problems need to be treated the same way, and this can have...
RACI matrix for ISO 27001 implementation project
Very often, an ISO 27001 implementation project is a multi-level and multidisciplinary endeavor, where personnel involved have different roles and responsibilities as the project progresses. To help clarify and control personnel involvement and to establish the...
Does ISO 27001 help CCPA compliance?
In the wake of the increasing concerns over privacy protection, the U.S. state of California passed a new regulation at the end of June of this year to ensure the protection of Californian consumers. Coming...
What to consider in case of termination or change of employment according to ISO 27001
As relationships between people and organizations evolve, it is natural for work situations to change. Concluded contracts lead to termination of employment relationships, and opportunities or gaps in roles or functions lead people to relocate...
What to consider in security terms and conditions for employees according to ISO 27001
A good way to ensure that people are aware of their roles and responsibilities in an organization is by defining policies and procedures to be followed. But this solution has a limitation: they only cover...
How to use Open Web Application Security Project (OWASP) for ISO 27001?
Essentially, OWASP (Open Web Application Security Project) is an online community developing international open projects related to Web Application Security. Mainly, it was created to develop secure web applications. Most of these projects have documents,...
How to perform background checks according to ISO 27001
Update 2022-03-16. “The human factor is the weakest link in the security.” How many times have we already heard this sentence? How many stories have we already heard about security incidents caused by human failure...
Can ISO 27001 help your organization in a DDoS attack?
In a connected world where hundreds of transactions are made every minute, every second your systems are down or inaccessible may represent a significant impact on your organization’s business. And, while prevention of infrastructure failures...