ISO 27001 Archive
Risk assessments are at the heart of organisation’s information security practices, as they help identify relevant threats and the most appropriate way of dealing with them. But what should the process look like? ISO 27001, the international standard for information …
Those who are just getting to know ISO 27001 will no doubt find the audit a daunting prospect. It’s a big, complex task that can be tricky for even experienced professionals. But, as with many challenges, you can overcome any …
ISO 27001 focuses heavily on asset-based planning. This ensures that the information security measures you adopt are appropriate to the threats you face – both in practicality and scale. There is no point implementing controls if what their protecting against is …
ISO 27001 audits can be intimidating, especially if it’s the first time that your ISMS (information security management system) has been audited. So how can you make sure you’re doing everything that you should? This blog helps you settle your …
The SoA (Statement of Applicability) is one of the key documents when it comes to ISO 27001 compliance. It identifies the controls you have selected to address information security risks, explains why those controls have been selected, states whether they’ve …
Third-party suppliers are a common concern for organisations getting their GDPR (General Data Protection Regulation) compliance in order. When the Regulation was first introduced, the issue of third-party suppliers and their relation to organisations’ own GDPR compliance received a great …
Are you part of an in-house finance team? Or do you work for a finance provider – an accountancy firm, perhaps, or a financial advisory company? Like professionals in any other sector, you are subject to the EU’s GDPR (General …
Robust information compliance has never been so high-profile. The introduction of the EU GDPR (General Data Protection Regulation) in May 2018 put personal data protection firmly in the public consciousness. Cybercrime continues to grab headlines, with attacks causing massive disruption …
According to the ICO (Information Commissioner’s Office), more than 14,000 data breaches were logged in the first year since the introduction of the GDPR (General Data Protection Regulation), which is almost four times the number reported in 2017/18. Every month …
Last November, Health Secretary Matt Hancock told NHS chiefs: “If you haven’t got your CIO on board then you need to be asking serious questions of yourself.” Hancock argued that CIOs were vital to developing the necessary systems and …
