Vigilant Software Blog
A data flow is the transfer of information from one location to another – for example, from suppliers and sub-suppliers through to customers. It’s essential that organisations map these flows in order for them to keep data secure and meet …
For all the attention that organisations pay to their ISO 27001 risk assessment, it’s worth remembering that there’s an additional step afterwards – risk treatment. This is where you take the risks that you’ve identified and decide how to deal …
If organisations are to adequately protect their sensitive data, they need to understand the three core components of information security: threat, vulnerability and risk. Those unfamiliar with the technicalities of information security might assume that these terms are interchangeable, but …
When an organisation conducts an ISO 27001 risk assessment, it’s useful to have a list of threats and vulnerabilities to hand to make sure everything is accounted for. The list also helps you understand the difference between threats and vulnerabilities, …
One of the most important steps when conducting an ISO 27001 risk assessment is to select risk owners to manage specific threats and vulnerabilities. Choosing the right person is crucial, because not only should the owner of each risk be …
As part of your GDPR (General Data Protection Regulation) compliance project, your organisation must understand what personal data it processes. To help you do this, you must create a data flow map. A data flow map shows how your organisation’s data and information …
Personal data is the lifeblood of many organisations, but it is becoming increasingly important to manage the way that information is used. Organisations that fail to do so risk data breaches, reputational damage, lost time and financial repercussions. This is …
Risk assessments are at the heart of ISO 27001, but they often have a reputation for being time-consuming and difficult. But how long should the risk assessment process take? The answer depends on which tool you use. Risk assessment tools …
Data flow maps are essential for organisations to understand how sensitive information moves through their business. For example, you might collect user information in a survey, which is then funnelled into a database that’s used by your marketing team. If …
If you’re trying to protect your organisation from security incidents, you will probably have come across the concept of risk assessments. This is an essential step to understanding and addressing your weaknesses, and must be done before you introduce new …
