ISO 27001 Case study for data centers: An interview with Goran Djoreski
Dejan Kosutic
DK: More than a year and a half has passed since you were certified by ISO 27001 – what are...
DK: More than a year and a half has passed since you were certified by ISO 27001 – what are your impressions? Was it really worth it? GD: It was definitely worth it, since it...
How to address main concerns with ISO 27001 implementation
Last week I delivered two webinars on the topic of ISO 27001, and I have asked the attendees to send...
Last week I delivered two webinars on the topic of ISO 27001, and I have asked the attendees to send me their top concerns regarding ISO 27001 implementation before those webinars. I’ve summarized most common...
One Information Security Policy, or several policies?
Very often I see questions on various forums on how to develop an Information Security Policy. Quite frankly, I don’t...
Very often I see questions on various forums on how to develop an Information Security Policy. Quite frankly, I don’t think it is a good idea to stuff all the security rules into a single...
5 ways to avoid overhead with ISO 27001 (and keep the costs down)
There are probably two main thoughts managers have when starting ISO 27001 implementation: (1) we’ll pay quite a lot of...
There are probably two main thoughts managers have when starting ISO 27001 implementation: (1) we’ll pay quite a lot of money for something we’re not sure is worth it; and (2) the annoyance of maintaining...
ISO 27001 control objectives – Why are they important?
Note: this article was updated according the 2013 version of ISO 27001 Peter Drucker (one of the most influential thinkers...
Note: this article was updated according the 2013 version of ISO 27001 Peter Drucker (one of the most influential thinkers on the subject of management theory) said “What gets measured gets managed”. The same goes...
Problems with defining the scope in ISO 27001
You probably knew that the first step in ISO 27001 implementation is defining the scope. What you probably didn’t know...
You probably knew that the first step in ISO 27001 implementation is defining the scope. What you probably didn’t know is that this step, although simple at first glance, can sometimes cause you quite a...
Information security policy – how detailed should it be?
Quite often I see information security policies written in too much detail, trying to cover everything from strategic objectives to...
Quite often I see information security policies written in too much detail, trying to cover everything from strategic objectives to how many numerical digits a password should contain. The only problem with such policies is...
Dilemmas with ISO 27001 & BS 25999-2 internal auditors
If this is the first time you have come across the notion of internal auditor, you are probably puzzled –...
If this is the first time you have come across the notion of internal auditor, you are probably puzzled – Why would I need another control? Who is going to pay for it? Who should...
How to become ISO 27001 Lead Auditor
Updated: November 14, 2022. Many people think that just by attending the ISO 27001 Lead Auditor Course they have become the...
Updated: November 14, 2022. Many people think that just by attending the ISO 27001 Lead Auditor Course they have become the ISO 27001 Lead Auditor. Well, this is not entirely true. This article will show the...
