ISO 27001 Risk Assessment, Treatment, & Management: The Complete Guide
Risk management is probably the most complex part of ISO 27001 implementation; but, at the same time, it is the...
Risk management is probably the most complex part of ISO 27001 implementation; but, at the same time, it is the most important step at the beginning of your information security project – it sets the...
Explanation of the most common business continuity terms
The pandemic has increased organizations’ interest in business continuity, as a way to protect themselves against disruption of their operations....
The pandemic has increased organizations’ interest in business continuity, as a way to protect themselves against disruption of their operations. However, in most cases, there is no time to wait for learning about business continuity...
How to prioritize security investment through risk quantification
Think of a circus juggler balancing dishes, bowls, and other flat objects on sticks. He needs to pay constant attention...
Think of a circus juggler balancing dishes, bowls, and other flat objects on sticks. He needs to pay constant attention so as not to let them fall, rotating them at sufficient speed and at the...
Risk appetite and its influence over ISO 27001 implementation
Clause 6.1.2 (a) (1) of ISO 27001:2013 states that an organization must establish and maintain information security risk criteria, and those...
Clause 6.1.2 (a) (1) of ISO 27001:2013 states that an organization must establish and maintain information security risk criteria, and those must include criteria for risk acceptance. Since these criteria have direct influence on how organizational...
How to maintain the ISMS after the certification
If you thought that your job was over after the ISO 27001 certification, you’re wrong – the real job with...
If you thought that your job was over after the ISO 27001 certification, you’re wrong – the real job with your Information Security Management System (ISMS) has just begun. OK, but where do you start?...
ISO 31000 and ISO 27001 – How are they related?
Last updated on March 10, 2022. Contrary to the popular belief that ISO 31000 is now mandatory for ISO 27001...
Last updated on March 10, 2022. Contrary to the popular belief that ISO 31000 is now mandatory for ISO 27001 implementation, this is not true. However, when comparing ISO 27001 vs. ISO 31000, the latter...