How to use firewalls in ISO 27001 and ISO 27002 implementation
A firewall is basically software that manages connections between different networks (internal or external), and has the ability to accept a connection, reject it, or filter it under certain parameters. Because this is a key...
ISO 27001 Certification: What’s next after receiving the audit report?
For those who already run a management system, like an ISMS based on ISO 27001, the certification audit event is already known: the auditor arrives, performs the audit opening, evaluates processes and records, states the result,...
CISA vs. ISO 27001 Lead Auditor certification
In a previous post, I talked about personal certifications helping the organization to comply with ISO 27001 clause 7.2 (see this post How personal certificates can help your company’s ISMS). In today’s post, I will show...
Understanding ISO 27001 Language
One of the main rules of good communication is to adjust your speech to the target audience. ISO 27001 has its own set of terms, useful to leverage the understanding between security practitioners. However, an...
Achieving continual improvement through the use of maturity models
Like any other ISO management system, ISO 27001 has a requirement for continual improvement (clause 10.2). It is like that because no process, no matter how well established and implemented, compliant with ISO standards or not,...
Special interest groups: A useful resource to support your ISMS
An Information Security Management System (ISMS) is only as good as its ability to keep up with the requirements of the business and provide adequate protection against the risks the organization is exposed to. To...