Detailed explanation of 11 new security controls in ISO 27001:2022
Dejan Kosutic
If you’re a security practitioner dealing with ISO 27001, you’re probably wondering what new things you will need to implement...
If you’re a security practitioner dealing with ISO 27001, you’re probably wondering what new things you will need to implement as part of the changes that will be made to this standard during 2022....
Main changes in the new ISO 27002 2022 revision
Rhand Leal
It’s been eight years since the last revision of ISO/IEC 27002 (in 2013), and although ISO 27001:2013 was confirmed in 2019 (i.e.,...
It’s been eight years since the last revision of ISO/IEC 27002 (in 2013), and although ISO 27001:2013 was confirmed in 2019 (i.e., no changes in the Information Security Management System standard were required) – ISO 27002 definitely...
Relationship between ISO 27701, ISO 27001, and ISO 27002
Antonio Jose Segovia
Update 2022-04-26. You probably know what the GDPR (General Data Protection Regulation) is, and maybe you also know about information...
Update 2022-04-26. You probably know what the GDPR (General Data Protection Regulation) is, and maybe you also know about information security and the ISO 27001 series standards, but do you know that there is an...
How to manage the security of network services according to ISO 27001 A.13.1.2
Everybody knows that information is stored in information systems (workstations, laptops, smartphones, etc.), but to exchange the information via a...
Everybody knows that information is stored in information systems (workstations, laptops, smartphones, etc.), but to exchange the information via a network is necessary. Most of the information systems in this world are connected to the...
Clear desk and clear screen policy and what it means for ISO 27001
Updated: December 05, 2022., according to the ISO 27001:2022 revision. Imagine this scene: an employee at his desk, in an...
Updated: December 05, 2022., according to the ISO 27001:2022 revision. Imagine this scene: an employee at his desk, in an open-plan office, is reviewing on his notebook some data to prepare a report about the...
How to set security requirements and test systems according to ISO 27001
Security is something that everyone wants to have, but which no one ever wants to use. And this thought can...
Security is something that everyone wants to have, but which no one ever wants to use. And this thought can bring a lot of problems. Unless a system’s purpose is security related (e.g., firewall, access...
Media & equipment disposal – what is it and how to do it in line with ISO 27001
Update 2022-4-26. Today, hard drive and other media devices are less common than they were some years ago, because the...
Update 2022-4-26. Today, hard drive and other media devices are less common than they were some years ago, because the current trend is to use the cloud, although there are still a lot of people...
How to implement network segregation according to ISO 27001 control A.13.1.3
Update 2022-09-06. Think about a house, or office, with only one big space where you can arrange all your loved...
Update 2022-09-06. Think about a house, or office, with only one big space where you can arrange all your loved and precious things the way you think most appropriate. Tempting, isn’t it? The flexibility to...
ISO 27032 – What is it, and how does it differ from ISO 27001?
There are many standards in the ISO 27001 series, all related to security. You probably don’t know much about ISO...
There are many standards in the ISO 27001 series, all related to security. You probably don’t know much about ISO 27032:2012 because it is not as well-known as ISO 27001, ISO 27002, or ISO 22301,...
How to use firewalls in ISO 27001 and ISO 27002 implementation
A firewall is basically software that manages connections between different networks (internal or external), and has the ability to accept...
A firewall is basically software that manages connections between different networks (internal or external), and has the ability to accept a connection, reject it, or filter it under certain parameters. Because this is a key...
