ISO 27001 in the banking industry: “One standard to rule them all”
Why should banks go with ISO 27001? If you know the “Lord of the Rings” saga, the headline of this article probably sounds familiar. “One ring to rule them all” refers to the magic ring...
How to demonstrate resource provision in ISO 27001
The availability of resources is a critical point in any endeavor. You can have the best ideas and the best intentions, but if you lack resources you are doomed to failure. So, it may seem...
How to identify ISMS requirements of interested parties in ISO 27001
“If you do not know where you’re going, you’re unlikely to end there.” This saying from the title character in the movie Forrest Gump describes perfectly why many projects fail: lack of clear requirements. Definition...
What does ISO 27001 Lead Implementer training look like?
The ISMS (Information Security Management System) plays a very important role in every business these days. Since implementation of the ISMS can be a complex process (and usually differs in each industry sector), in order...
Segregation of duties in your ISMS according to ISO 27001 A.6.1.2
Today’s automated solutions and information and communication technologies allow a few people to handle a great deal of information and processes (e.g., stock exchange operators and air traffic controllers). While this is good to improve...
What does ISO 27001 Lead Auditor training look like?
Updated: August 20, 2023. In the last four years I’ve been preparing and presenting a lot of trainings for ISO 27001 Lead Auditor. At the end, participants understand that this is just the beginning of the...
What is an Information Security Management System (ISMS)?
Updated: November 8, 2023. If you’re working with ISO 27001, you’ve surely come across the term “Information Security Management System” or ISMS. Pretty vague term, isn’t it? In the following article, we will give you...
Key performance indicators for an ISO 27001 ISMS
Think about a medical exam. Our objective is for the physician to tell us that our health is ok and that we’ll live a long life, right? And how does the physician evaluate our health...
How to manage changes in an ISMS according to ISO 27001 A.12.1.2
Changes are necessary in the information technology sector, mainly because every so often it is necessary to update servers, systems, etc. But risks (seen from an information security point of view) arise when changes are...
ISO 27001 Certification: What’s next after receiving the audit report?
For those who already run a management system, like an ISMS based on ISO 27001, the certification audit event is already known: the auditor arrives, performs the audit opening, evaluates processes and records, states the result,...