ISO 27001 Archive
Are you part of an in-house finance team? Or do you work for a finance provider – an accountancy firm, perhaps, or a financial advisory company? Like professionals in any other sector, you are subject to the EU’s GDPR (General …
Robust information compliance has never been so high-profile. The introduction of the EU GDPR (General Data Protection Regulation) in May 2018 put personal data protection firmly in the public consciousness. Cybercrime continues to grab headlines, with attacks causing massive disruption …
According to the ICO (Information Commissioner’s Office), more than 14,000 data breaches were logged in the first year since the introduction of the GDPR (General Data Protection Regulation), which is almost four times the number reported in 2017/18. Every month …
Last November, Health Secretary Matt Hancock told NHS chiefs: “If you haven’t got your CIO on board then you need to be asking serious questions of yourself.” Hancock argued that CIOs were vital to developing the necessary systems and …
Have you ever wondered whether your organisation should become certified to ISO 27001? ISO 27001 provides the specification for an effective ISMS (information security management system) – a framework that offers a structured, comprehensive approach to managing information security risks. …
Data breaches are one of the biggest threat to organisations today. They can bring operations to a grinding halt, drastically damage your reputation and your relationship with customers, and cause severe financial losses from lost sales, remediation and repair costs, …
Digital disruption has long made its presence felt in the retail banking sector. A series of challenger brands have launched in recent years, building innovative and intuitive digital interfaces from the ground up and in some cases forgoing physical premises …
What is cyber risk management? Cyber risk is the identification, analysis and evaluation of cyber risks. It understands and analyses the IT infrastructure, identifies the potential vulnerabilities within different systems, then prioritises the identified risks and makes coordinated efforts to …
Articles 25(1) and 25(2) of the GDPR (General Data Protection Regulation) outline your obligations concerning ‘data protection by design and by default’. This requirement ensures that the six data protection principles are implemented, and that individuals’ rights are always safeguarded. …
For many people, the prospect of conducting a risk assessment is daunting. Inexperienced assessors often rely on spreadsheets, spending hours interviewing people in their organisation, exchanging documents and methodologies with other departments and filling in data. After all that, they’ll …
