    ISO-27001-ISO-22301-blog

    Tag: “ISMS”

    Implement ISO 27001 according to current 2005 revision, or wait for new 2013 revision?
    Update 2013-09-25: ISO/IEC 27001:2013 was published on September 25, 2013. Currently, the most repeated question I hear from companies implementing ISO 27001 is: “I heard a new revision of ISO 27001 is soon to be...
    One Information Security Policy, or several policies?
    Very often I see questions on various forums on how to develop an Information Security Policy. Quite frankly, I don’t think it is a good idea to stuff all the security rules into a single...
    5 ways to avoid overhead with ISO 27001 (and keep the costs down)
    There are probably two main thoughts managers have when starting ISO 27001 implementation: (1) we’ll pay quite a lot of money for something we’re not sure is worth it; and (2) the annoyance of maintaining...
    ISO 27001 control objectives – Why are they important?
    Note: this article was updated according to the 2013 version of ISO 27001. Peter Drucker (one of the most influential thinkers on the subject of management theory) said “What gets measured gets managed”. The same goes...
    ISO 27002 – What will the next revision bring?
    It’s been six years since the last revision of ISO/IEC 27002 (in 2005) – much has changed in information security since then, and this standard definitely needs some “facelifting”. Since ISO 27002 is closely tied...
    Problems with defining the scope in ISO 27001
    You probably knew that the first step in ISO 27001 implementation is defining the scope. What you probably didn’t know is that this step, although simple at first glance, can sometimes cause you quite a...