
The ISO 27001 & ISO 22301 Blog

How to maintain the ISMS after the certification

If you thought that your job was over after the ISO 27001 certification, you’re wrong – the real job with your Information Security Management System (ISMS) has just begun. OK, but where do you start? The good news is that you already have all the directions in your documentation, but …


Roles and responsibilities of top management in ISO 27001 and ISO 22301

Did you know that, in most cases, failure to implement ISO 27001 or ISO 22301 was directly related to the fact that top management did not want to assume their responsibilities for information security / business continuity in their companies? OK, you probably knew that. But, what are these responsibilities, …


Why is management review important for ISO 27001 and ISO 22301?

Like some other clauses in ISO 27001 and ISO 22301, clause 9.3, which defines requirements for management review, is one of the most misunderstood and most underappreciated elements of these standards. In practice, this review is usually done only to satisfy the certification auditor, but by doing so a great …


Management’s view of information security

If you think your management doesn’t have a clue what information security is all about, keep in mind that misunderstanding usually goes both ways: management often thinks you have no idea about what is appropriate for the business. So before suggesting to your management to start implementing your information security …


BS 25999-2 implementation checklist

Your management has given you the task to implement business continuity, but you’re not really sure how to do it? Although it is not an easy task, you can use the BS 25999-2 methodology to make your life easier – here are the main steps necessary to implement this standard: …


Using ISO 9001 for implementing ISO 27001

You have already implemented ISO 9001? You have heard that ISO 27001 might be a good idea? But how can something that has to do with quality help you implement information security? It can, more than you may think. ISO 9001 specifies how the quality management systems (QMS) must look …

Dejan Kosutic
Lead ISO 27001/22301 Expert, Advisera

