ISO 27001 Archive

Those who are just getting to know ISO 27001 will no doubt find the audit a daunting prospect. It’s a big, complex task that can be tricky for even experienced professionals. But, as with many challenges, you can overcome any …

ISO 27001 focuses heavily on asset-based planning. This ensures that the information security measures you adopt are appropriate to the threats you face – both in practicality and scale. There is no point implementing controls if what their protecting against is …

ISO 27001 audits can be intimidating, especially if it’s the first time that your ISMS (information security management system) has been audited. So how can you make sure you’re doing everything that you should? This blog helps you settle your …

The SoA (Statement of Applicability) is one of the key documents when it comes to ISO 27001 compliance. It identifies the controls you have selected to address information security risks, explains why those controls have been selected, states whether they’ve …

Third-party suppliers are a common concern for organisations getting their GDPR (General Data Protection Regulation) compliance in order. When the Regulation was first introduced, the issue of third-party suppliers and their relation to organisations’ own GDPR compliance received a great …

Are you part of an in-house finance team? Or do you work for a finance provider – an accountancy firm, perhaps, or a financial advisory company? Like professionals in any other sector, you are subject to the EU’s GDPR (General …

According to the ICO (Information Commissioner’s Office), more than 14,000 data breaches were logged in the first year since the introduction of the GDPR (General Data Protection Regulation), which is almost four times the number reported in 2017/18. Every month …