Smart compliance solutions

Toolkits vs. Conformio – Which is more applicable for my company?

Organizations that have in-house knowledge for implementing the ISO 27001 standard, the leading ISO standard for information security management, are rare. This is especially true for small and mid-sized companies, so the search for market solutions for the implementation of ISO 27001 in a quick, easy, and cost-effective way is common. As a response to this need, Advisera offers two solutions: the ISO 27001 Documentation Toolkit and the ISO 27001 compliance software, Conformio. See below a comparison, based on key features,…

What kind of ISO 27001 software will be the easiest for employees to use?

Let’s face it, picking the right tool for your organization usually comes down to price and available features. If the tool is cheaper and offers plenty of nice-looking features and reports, it is quickly promoted as the top choice. Unfortunately, organizations rarely consider the time and resources they should invest while setting up and implementing the ISO 27001 software tool, much less maintenance and upgrade costs. Sometimes, those hidden set-up, implementation, maintenance, and upgrade costs exceed expectations and can turn…

Using ISO 27001 online software vs. documentation templates

When you start your ISO 27001 project, you have to make some very important decisions – one of those decisions is whether you’re going to use a consultant. If you decide not to use one (which is a trend lately), then you have to decide what kind of online support you can get for your implementation. Basically, you have two types of providers that offer support for ISO 27001 implementation: those who offer documentation templates, and those who offer ISO…

Case study: How to solve nonconformities using online ISO 27001 compliance software

When it comes to being compliant with ISO 27001, even at the best of times it can be a problem to track the actions needed to address nonconformities, and the subsequent corrective actions. This can be especially difficult when the people involved are not located at the same facility. One way to address this need is to use an online ISO 27001 nonconformities tool to track these actions and ensure that they are completed in a timely manner. This case…

What kind of Document Management System (DMS) do you need for handling ISO 27001 documents?

If you’re starting to implement ISO 27001, one of the first concerns you probably have is how to handle the policies, procedures, and other documents you’ll produce. Should you use Dropbox? Or SharePoint? Or simply keep the files on a local disk and deliver them through email? This article helps you make the right choice about your ISO 27001 DMS. What does the ISO 27001 standard require of a DMS? Let’s first look at what exactly you need to comply…

How should you keep your ISO 27001 documents – in the cloud or on paper?

Many organizations in today’s world implement and maintain ISO 27001. To prove compliance with the standard, some organizations use paper-based documents (this is becoming more and more rare these days), some use a combination of electronic documents and paper-based documents (maybe the most common practice), and others rely solely on electronic documents (this is the trend, and will become standard in the near future). As information technology has paved the way for automation and revolutionized many fields (e.g., robotic surgery,…

How to use online software to accomplish efficient ISO 27001 implementation

There are many reasons for a company to implement a management system according to ISO 27001. Finding efficiency in the processes is one of the main motives that drive companies towards implementation. This pursuit of efficiency can provide large benefits for an organization, as this will advance improvements and make processes easier, faster, and less expensive. So, while you work towards efficiency throughout your system, you will want to ensure that the processes used to support your management system are…

How to establish the ISO 27001 corrective actions process using an online tool

Corrective actions (CAs) are one of the most powerful tools at our disposal for striving towards improvement of an Information Security Management System (ISMS) according to ISO 27001. The better the tool is, the more effect it will bring. But, in the real world, CAs are often neglected and many companies avoid recording nonconformities just because they don’t want to deal with corrective actions afterwards. The reason for this notion is the conventional approach to the process of ISO 27001…

ISO implementation: Pros and cons of using software vs. consultants

The modern era provides us with an abundance of options to perform any task or project. The question of how to do something is replaced with the question of how to do it in the most efficient way. The same goes for implementation of an Information Security Management System (ISMS) according to ISO 27001. If you are implementing an ISO 27001 ISMS, you are probably puzzled over the approach you should take, and a consultant is usually the first option…
