Blog
We use this place to discuss random subjects. You may find some of them interesting...
Understanding the difference between effectiveness and efficiency
Effectiveness is about achieving results while efficiency means doing that while minimizing the use of resources (such as time, money or energy)
Energy management systems (EnMS) and how ISO 50001 helps companies improve performance
An Energy Management System (EnMS) is a powerful tool for organizations to optimize energy consumption, reduce costs, and contribute to environmental sustainability.
What is the role of a business continuity professional and why you should consider this career path?
Business continuity professionals play a key role in protecting organizational stability, jobs, and even lives
Is this a nonconformity or an opportunity for improvement? Understanding the difference.
Understanding the difference between a nonconformity and an OFI is important for both the organization implementing the management system and the auditor
Implementing an ISMS: What standards to Use? ISO/IEC 27001, ISO/IEC 27002, or both?
ISO/IEC 27001 and ISO/IEC 27002 are essential standards in the world of information security management. You could think of them as ISO/IEC 27001 being the "what," and ISO/IEC 27002 being the "how."
How to become an information security management system (ISMS) auditor: requirements, benefits, and pathway
Becoming an ISMS auditor is a rewarding career path that offers both financial and professional growth opportunities
Redundancy of information processing facilities. A detailed overview of what ISO/IEC 27001:2022 requires
Information processing facilities must be implemented with sufficient redundancy to meet availability requirements.
"ISO certified company", What does it mean?
What does "ISO certified company" really means? A management system professional should have a clear understanding of what a management system certification refers to
The importance of screening as an information security control
The human element is often the weakest link in information security. A robust screening process helps mitigate the risks posed by insider threats.
Type A and Type B Management System Standards (MSS)
Type A management system standards include requirements and can be used for auditing and certification, whereas Type B standards are typically guidance standards
The Power-Interest grid: a tool for stakeholder identification and management
The Power-Interest Grid as a great tool for stakeholder management. To ensure the succes of a project you want to engage the right people in the right way.
Scope 1, 2 and 3 greenhouse gas (GHG) emissions: definitions and examples
GHG emissions are generally classified into scope 1, 2 and 3. Each scope represents a different aspect of an organization’s emissions footprint
The relationship between environmental aspects and impacts in the context of an environmental management system (EMS)
Environmental aspects and impacts have a cause-and-effect relationship. Their understanding is key for effective environmental management
Understanding networks segregation as an information security control in ISO/IEC 27001:2022
Groups of services, users and information systems should be segregated in the organization's networks
Thinking about a career in occupational health & safety auditing? Here’s what you should know
Aspects to consider when planning for a career in ISO 45001 auditing