
    Tag: “ISO 27005”

    How to address opportunities in ISO 27001 risk management using ISO 31000
    Businesses are full of risks, and organizations should do their best to identify, evaluate, and treat all of them – or at least the most relevant ones. This is called risk management, which can vary...
    ISO 27001 vs. ISO 27032 cybersecurity standard
    There are many standards in the ISO 27001 series, all related to security. You probably don’t know much about ISO 27032:2012 because it is not as well-known as ISO 27001, ISO 27002, or ISO 22301,...
    Risk appetite and its influence over ISO 27001 implementation
    Clause 6.1.2 (a) (1) of ISO 27001:2013 states that an organization must establish and maintain information security risk criteria, and those must include criteria for risk acceptance. Since these criteria have direct influence on how organizational...
    ISO 31000 and ISO 27001 – How are they related?
    Contrary to the popular belief that ISO 31000 is now mandatory for ISO 27001 implementation, this is not true. However, ISO 31000 could be quite useful for ISO 27001 implementation – it not only offers...
    ISO 27000 series – What to expect in 2014
    If you are working as an ISO 27001 consultant or practitioner, you are probably heavily dependent on the ISO27k series of standards. Since there are quite a lot of them (see the list here), it...
    Risk assessment tips for smaller companies
    Update: This blog post was updated according to the final version of ISO 27001:2013 that was published on September 25, 2013. I have seen quite a lot of smaller companies (up to 50 employees) trying...