Problems with defining the scope in ISO 27001
Dejan Kosutic
You probably knew that the first step in ISO 27001 implementation is defining the scope. What you probably didn’t know...
You probably knew that the first step in ISO 27001 implementation is defining the scope. What you probably didn’t know is that this step, although simple at first glance, can sometimes cause you quite a...
Information security policy – how detailed should it be?
Quite often I see information security policies written in too much detail, trying to cover everything from strategic objectives to...
Quite often I see information security policies written in too much detail, trying to cover everything from strategic objectives to how many numerical digits a password should contain. The only problem with such policies is...
Dilemmas with ISO 27001 & BS 25999-2 internal auditors
If this is the first time you have come across the notion of internal auditor, you are probably puzzled –...
If this is the first time you have come across the notion of internal auditor, you are probably puzzled – Why would I need another control? Who is going to pay for it? Who should...
How to become ISO 27001 Lead Auditor
Updated: November 14, 2022. Many people think that just by attending the ISO 27001 Lead Auditor Course they have become the...
Updated: November 14, 2022. Many people think that just by attending the ISO 27001 Lead Auditor Course they have become the ISO 27001 Lead Auditor. Well, this is not entirely true. This article will show the...
