Show me desktop version
CALL US 1-888-553-2256
CountryCountry

The ISO 27001 & ISO 22301 Blog

Dejan Kosutic

How to maintain the ISMS after the certification

If you thought that your job was over after the ISO 27001 certification, you’re wrong – the real job with your Information Security Management System (ISMS) has just begun. OK, but where do you start? The good news is that you already have all the directions in your documentation, but …

Read More ...
Dejan Kosutic

Roles and responsibilities of top management in ISO 27001 and ISO 22301

Did you know that, in most cases, failure to implement ISO 27001 or ISO 22301 was directly related to the fact that top management did not want to assume their responsibilities for information security / business continuity in their companies? OK, you probably knew that. But, what are these responsibilities, …

Read More ...
Dejan Kosutic

Why is management review important for ISO 27001 and ISO 22301?

Like some other clauses in ISO 27001 and ISO 22301, clause 9.3, which defines requirements for management review, is one of the most misunderstood and most underappreciated elements of these standards. In practice, this review is usually done only to satisfy the certification auditor, but by doing so a great …

Read More ...
Dejan Kosutic

Management’s view of information security

If you think your management doesn’t have a clue what information security is all about, keep in mind that misunderstanding usually goes both ways: management often thinks you have no idea about what is appropriate for the business. So before suggesting to your management to start implementing your information security …

Read More ...
Dejan Kosutic

BS 25999-2 implementation checklist

Your management has given you the task to implement business continuity, but you’re not really sure how to do it? Although it is not an easy task, you can use the BS 25999-2 methodology to make your life easier – here are the main steps necessary to implement this standard: …

Read More ...
Dejan Kosutic

Using ISO 9001 for implementing ISO 27001

You have already implemented ISO 9001? You have heard that ISO 27001 might be a good idea? But how can something that has to do with quality help you implement information security? It can, more than you may think. ISO 9001 specifies how the quality management systems (QMS) must look …

Read More ...

OUR CLIENTS

OUR PARTNERS

  • Advisera is Exemplar Global Certified TPECS Provider for the IS, QM, EM and AU Competency Units.
  • ITIL® is a registered trade mark of AXELOS Limited. Used under licence of AXELOS Limited. All rights reserved.
  • DNV GL Business Assurance is one of the leading providers of accredited management systems certification.