Latest news Archive
Risk assessments are at the heart of ISO 27001, but they often have a reputation for being time-consuming and difficult. But how long should the risk assessment process take? The answer depends on which tool you use. Risk assessment tools …
Data flow maps are essential for organisations to understand how sensitive information moves through their business. For example, you might collect user information in a survey, which is then funnelled into a database that’s used by your marketing team. If …
If you’re trying to protect your organisation from security incidents, you will probably have come across the concept of risk assessments. This is an essential step to understanding and addressing your weaknesses, and must be done before you introduce new …
Sensitive data is one of an organisation’s most important assets, so it makes sense that you prioritise its security. Information security is “the practice of preventing unauthorized access, use, disclosure, disruption, modification, inspection, recording or destruction” of sensitive records. This …
One of the core principles of ISO 27001 is that the information security measures you adopt must be relevant to the threats your organisation faces. Every business is unique – in its structure, the types of information it processes and …
ISO 27001 audits can be intimidating, especially if it’s the first time that your ISMS (information security management system) has come under scrutiny. So how can you make sure you’re doing everything that you should? This blog helps settle your …
When you’re considering your organisation’s cyber security measures, there are two things you must consider: do these controls work now, and will these controls work in the future? The first issue is comparatively easy to assess, because any solution you …
ISO 27001 is the international standard for an ISMS (information security management system), a best-practice approach to security that helps organisations achieve all of their data privacy compliance objectives. If you are currently weighing up your options for ISO 27001 …
An ISO 27001 risk assessment contains five key steps. In this blog, we look at the second step in the process – identifying the risks that organisations face – and outline 10 things you should look out for. How to identify …
When it comes to ISO 27001 compliance, the SoA (Statement of Applicability) is one of the key documents you must complete. It identifies the controls you have selected to address information security risks, explains why those controls have been selected, …
