
The ISO 27001 & ISO 22301 Blog

ISO 22301 vs. BS 25999-2 – An Infographic

A new business continuity standard (ISO 22301) was published very recently, so I’ve decided to compare this new standard with the old BS 25999-2 standard. Feel free to add comments below! Click here to learn more: What is ISO 22301? Free webinar – What’s new in ISO 22301: …

Do you really need a consultant for ISO 27001 / BS 25999 implementation?

I’ve met quite a few companies considering how to start their ISO 27001 / BS 25999 project, with quite different approaches – some are convinced they can do it completely on their own (with no prior ISO 27001 knowledge), while others think they can do it with the help of …

How long does it take to implement ISO 27001 / BS 25999?

This is probably the second most common question I hear about ISO 27001 and BS 25999 (the first one is How much does it cost?). Well, the answer is not really encouraging – most of the people I speak to expect it to be a few months. But this is …

Activation procedures for business continuity plan

Having a business continuity plan is nice, but if you don’t know when and how to start using it, the money you’ve invested in it was spent in vain. Even worse, you’ll likely lose quite a lot of money because your business operations will be disrupted. What is a business …

Cloud computing and ISO 27001 / BS 25999

More and more often people ask me how to deal with cloud computing in the context of ISO 27001 and BS 25999. My answer is: use common sense. Their dilemma is quite understandable – these standards were written before cloud computing was such a big issue, and there is no …

Business continuity for small businesses – necessity or not?

Does it make sense to implement business continuity in smaller companies? Why would they need something as costly as this if the owner of the business has all the necessary information in his/her head? Let me start with a story I heard recently – a small company (involved in the …

How to learn about ISO 27001 and BS 25999-2

Training is certainly one of the best ways to facilitate your ISO 27001 and BS 25999-2 implementation. As there are more and more types of courses available, I’ll try to explain their benefits and the differences between them. The first is the list of in-person courses – these courses are …

BS 25999-2 implementation checklist

Your management has given you the task to implement business continuity, but you’re not really sure how to do it? Although it is not an easy task, you can use the BS 25999-2 methodology to make your life easier – here are the main steps necessary to implement this standard: …

Five Tips for Successful Business Impact Analysis

You have probably wondered why you have to perform business impact analysis (BIA) once you already did the risk assessment. You identified all the risks, didn’t you? Spent quite a lot of time analyzing your company, why then yet another analysis? Well, the purpose of BIA is different. In business …

How to write business continuity plans?

If you started implementing business continuity management, probably the biggest challenge you are facing is writing the business continuity plans. Why is it so difficult? Well, you have to think of various scenarios under which a disaster (or other kind of disruption of business activities) can occur, and you have …

Document management in ISO 27001 & BS 25999-2

Why is it that ISO 27001 and BS 25999-2 put such an emphasis on the control of documents? Both standards define very strictly how the documents must be managed, and require that the organization must have a documented procedure for managing documents – even worse, you won’t get certified unless …

Dilemmas with ISO 27001 & BS 25999-2 internal auditors

If this is the first time you have come across the notion of internal auditor, you are probably puzzled – Why would I need another control? Who is going to pay for it? Who should I employ to do it? It is such a waste of time… Well, it doesn’t …

Can business continuity strategy save your money?

You are thinking about implementing the business continuity management/BS 25999-2 standard? But then you hear it will cost you a lot? It probably will cost you, but not necessarily as much as you thought – this you can solve with good business continuity strategy. Business continuity strategy, as defined in …

Using ISO 9001 for implementing ISO 27001

You have already implemented ISO 9001? You have heard that ISO 27001 might be a good idea? But how can something that has to do with quality help you implement information security? It can, more than you may think. ISO 9001 specifies how the quality management systems (QMS) must look …

Dejan Kosutic
Lead ISO 27001/22301 Expert, Advisera