CISA vs. ISO 27001 Lead Auditor certification
Rhand Leal
In a previous post, I talked about personal certifications helping the organization to comply with ISO 27001 clause 7.2 (see this...
In a previous post, I talked about personal certifications helping the organization to comply with ISO 27001 clause 7.2 (see this post How personal certificates can help your company’s ISMS). In today’s post, I will show...
How to structure the documents for ISO 27001 Annex A controls
Dejan Kosutic
Updated: April 19, 2023, according to the ISO 27001 2022 revision. Once you’ve finished your risk assessment and treatment, it...
Updated: April 19, 2023, according to the ISO 27001 2022 revision. Once you’ve finished your risk assessment and treatment, it is time for you to start writing documents that describe your security controls according to...
How to create a Communication Plan according to ISO 27001
Jean-Luc Allard
Communicating is a key activity for any human being. This is also the case for an organization. It helps through...
Communicating is a key activity for any human being. This is also the case for an organization. It helps through exchanging the most correct information to the best audience and at the best moment. It...
Roles and responsibilities of top management in ISO 27001 and ISO 22301
Did you know that, in most cases, failure to implement ISO 27001 or ISO 22301 was directly related to the...
Did you know that, in most cases, failure to implement ISO 27001 or ISO 22301 was directly related to the fact that top management did not want to assume their responsibilities for information security /...
Why is management review important for ISO 27001 and ISO 22301?
Like some other clauses in ISO 27001 and ISO 22301, clause 9.3, which defines requirements for management review, is one...
Like some other clauses in ISO 27001 and ISO 22301, clause 9.3, which defines requirements for management review, is one of the most misunderstood and most underappreciated elements of these standards. In practice, this review...
