    ISO-27001-ISO-22301-blog

    Tag: “ISMS”

    What is an Information Security Management System (ISMS) according to ISO 27001?
    If you’ve started an ISO 27001 implementation, you’ve surely come up with the term Information Security Management System or ISMS. Pretty vague term, isn’t it? And yet, the ISMS is the main “product” of ISO...
    Key performance indicators for an ISO 27001 ISMS
    Think about a medical exam. Our objective is for the physician to tell us that our health is ok and that we’ll live a long life, right? And how does the physician evaluate our health...
    How to manage changes in an ISMS according to ISO 27001 A.12.1.2
    Changes are necessary in the information technology sector, mainly because every so often it is necessary to update servers, systems, etc. But risks (seen from an information security point of view) arise when changes are...
    ISO 27001 Certification: What’s next after receiving the audit report?
    For those who already run a management system, like an ISMS based on ISO 27001, the certification audit event is already known: the auditor arrives, performs the audit opening, evaluates processes and records, states the result,...
    CISA vs. ISO 27001 Lead Auditor certification
    In a previous post, I talked about personal certifications helping the organization to comply with ISO 27001 clause 7.2 (see this post How personal certificates can help your company’s ISMS). In today’s post, I will show...
    Risk assessment vs. internal audit in ISO 27001 and ISO 22301
    Quite often I see people searching for ISO 27001 or ISO 22301 checklists for performing the internal audit; however, they expect those checklists to help them with, e.g., which information does the organization have, who has access...