Vigilant Software Blog
A centralised cyber security risk register is a document that includes information about an organisation’s threat environment. It contains information on potential cyber security risks. Usually it acts as …
One of the core aspects of an information security risk assessment is identifying the threats your organisation faces. We recommend that you follow the best practices outlined in ISO …
A data flow is the transfer of information from one location to another – for example, from suppliers and sub-suppliers through to customers. It’s essential that organisations map these …
For all the attention that organisations pay to their ISO 27001 risk assessment, it’s worth remembering that there’s an additional step afterwards – risk treatment. This is where you …
If organisations are to protect their sensitive data, they need to understand the three core components of information security: threat, vulnerability and risk. Those unfamiliar with the technicalities of …
When an organisation conducts an ISO 27001 risk assessment, it’s helpful to have a list of threats and vulnerabilities to hand to make sure everything is accounted for. The …
One of the most important steps when conducting an ISO 27001 risk assessment is to select risk owners to manage specific threats and vulnerabilities. Choosing the right person is …
As part of your GDPR (General Data Protection Regulation) compliance project, your organisation must understand what personal data it processes. To help you do this, you must create a data flow map. …
Personal data is the lifeblood of many organisations, but it is becoming increasingly important to manage the way that information is used. Organisations that fail to do so risk …
Risk assessments are at the heart of ISO 27001, but they often have a reputation for being time-consuming and difficult. But how long should the risk assessment process take? …
