Blog
We use this place to discuss random subjects. You may find some of them interesting...
Understanding ISO 37001. Addressing facilitation and extortion payments within an ABMS
Diference between facilitation and extotion payments and how they should be managed in the context of an anti-bribery management system
What are the Prerequisite Programmes (PRPs) in ISO 22000 and why they are critical aspects of a food safety management system (FSMS)
Prerequisite programmes (PRPs) are essential elements of any effective food safety management system
So... what exactly is Responsible AI?
AI has the potential to solve some of humanity’s greatest challenges. But we must use it wisely.
What is an AI system impact assessment and why does it matter?
The AI system impact assessment is a key element of an AI management system according to ISO/IEC 42001. Why is it so important?
ISO/IEC 42001. The ISO standard for AI management - What it is and… what it is not
Thoughts on ISO/IEC 42001, the first international standard for artificial intelligence management systems
How much does ISO certification cost for my company?
Wondering how much ISO certification costs? It depends on your company’s size, complexity, and scope—get a tailored quote, avoid flat-rate scams
The two approaches for information security risk identification proposed by ISO/IEC 27005:2022
ISO/IEC 27005 proposes two different approaches for risk identification. The event-based approach and the asset-based approach
What is and what is not ISO 9001
ISO 9001, the most popular standard in the world, is a useful tool for any organization if applied correctly. However it is not a magic solution and there are many misconceptions about this standard
Debunking some common myths about ISO/IEC 27001, the information security management system (ISMS) standard
ISO/IEC 27001 is a great tool for any organization looking to improve information security. However, there are some myths that should be debunked
Our new ISO/IEC 27001 Lead Auditor for Information Security course
We have published a brand new online course for information security management system auditors according to ISO/IEC 27001:2022
Understanding the difference between effectiveness and efficiency
Effectiveness is about achieving results while efficiency means doing that while minimizing the use of resources (such as time, money or energy)
Energy management systems (EnMS) and how ISO 50001 helps companies improve performance
An Energy Management System (EnMS) is a powerful tool for organizations to optimize energy consumption, reduce costs, and contribute to environmental sustainability.
What is the role of a business continuity professional and why you should consider this career path?
Business continuity professionals play a key role in protecting organizational stability, jobs, and even lives
Is this a nonconformity or an opportunity for improvement? Understanding the difference.
Understanding the difference between a nonconformity and an OFI is important for both the organization implementing the management system and the auditor
Implementing an ISMS: What standards to Use? ISO/IEC 27001, ISO/IEC 27002, or both?
ISO/IEC 27001 and ISO/IEC 27002 are essential standards in the world of information security management. You could think of them as ISO/IEC 27001 being the "what," and ISO/IEC 27002 being the "how."