How to perform an ISO 27001 second-party audit of an outsourced supplier
Rhand Leal
To focus on their core business, many organizations rely on outsourced suppliers to perform support processes. While this approach may...
To focus on their core business, many organizations rely on outsourced suppliers to perform support processes. While this approach may bring benefits like costs savings, and access to expert knowledge and state-of-the-art technology, it can...
How to maintain the ISMS after the certification
Dejan Kosutic
If you thought that your job was over after the ISO 27001 certification, you’re wrong – the real job with...
If you thought that your job was over after the ISO 27001 certification, you’re wrong – the real job with your Information Security Management System (ISMS) has just begun. OK, but where do you start?...
Major vs. minor nonconformities in the certification audit
If your company is considering going for the certification, it is always a good thing to know what to expect....
If your company is considering going for the certification, it is always a good thing to know what to expect. Since nonconformities are one of the most important outcomes of the certification audit (and the...
Chief Information Security Officer (CISO) – where does he belong in an org chart?
Companies that start implementing an information security program, or specifically ISO 27001, very soon realize that they cannot do it...
Companies that start implementing an information security program, or specifically ISO 27001, very soon realize that they cannot do it without a person who would coordinate and manage such activities. But then they face the...
5 ways to avoid overhead with ISO 27001 (and keep the costs down)
There are probably two main thoughts managers have when starting ISO 27001 implementation: (1) we’ll pay quite a lot of...
There are probably two main thoughts managers have when starting ISO 27001 implementation: (1) we’ll pay quite a lot of money for something we’re not sure is worth it; and (2) the annoyance of maintaining...
