
    Tag: “Risk Assessment”

    The documentation myth – Why the templates are not enough?
    I noticed that many people running ISO 27001 projects who have downloaded documentation templates think “I have the templates now – the rest is easy. I’ll write a few documents, show them to auditor, and...
    Lessons learned from ISO 27001 implementation
    Many readers of this blog asked me to present a real-life experience of ISO 27001 implementation in a company. Since I would be too subjective if I started writing my own impressions, I decided to...
    What is cybersecurity and how can ISO 27001 help?
    Every time I speak to someone about cybersecurity I hear rather different definitions about what it actually is – but at least the general idea is pretty much the same. However, when it comes to...
    ISO 27002 – What will the next revision bring?
    It’s been six years since the last revision of ISO/IEC 27002 (in 2005) – much has changed in information security since then, and this standard definitely needs some “facelifting”. Since ISO 27002 is closely tied...
    How to deal with insider threats?
    “Your ISO 27001 is nice in theory, but if our system administrator goes crazy, we’re dead.” – I hear this quite often when speaking to my clients about which security controls they should apply. And...
    Is it possible to calculate the Return on Security Investment (ROSI)?
    If you are an information security or business continuity professional, then you’re probably aware of the most difficult part of your job: to convince your management that investment in information security/business continuity makes sense. Traditionally,...