Risk appetite and its influence over ISO 27001 implementation
Clause 6.1.2 (a) (1) of ISO 27001:2013 states that an organization must establish and maintain information security risk criteria, and those must include criteria for risk acceptance. Since these criteria have direct influence on how organizational...
8 criteria to decide which ISO 27001 policies and procedures to write
If you’re just starting to implement ISO 27001 in your company, you’re probably in a dilemma as to how many documents you need to have, and whether to write certain policies and procedures or not. Criteria for...
How to become an ISO 27001 / ISO 22301 consultant
If you are thinking about a career change, becoming an independent consultant for ISO 27001 and/or ISO 22301 certainly sounds like an attractive option. But what do you need to know, and what do you need to...
How to maintain the ISMS after the certification
If you thought that your job was over after the ISO 27001 certification, you’re wrong – the real job with your Information Security Management System (ISMS) has just begun. OK, but where do you start?...
6-step process for handling supplier security according to ISO 27001
Updated: March 22, 2023, according to the ISO 27001 2022 revision. Since more and more data is being processed and stored with third parties, the protection of such data is becoming an increasingly significant issue...
Lead Auditor Course vs. Lead Implementer Course – Which one to go for?
If you are just entering the world of ISO 27001 or ISO 22301, you’re probably considering going for some training. This is certainly a good idea; however, which course is better for you – Lead...