Blog
We use this place to discuss random subjects. You may find some of them interesting...
What is and what is not ISO 9001
ISO 9001, the most popular standard in the world, is a useful tool for any organization if applied correctly. However it is not a magic solution and there are many misconceptions about this standard
Debunking some common myths about ISO/IEC 27001, the information security management system (ISMS) standard
ISO/IEC 27001 is a great tool for any organization looking to improve information security. However, there are some myths that should be debunked
Our new ISO/IEC 27001 Lead Auditor for Information Security course
We have published a brand new online course for information security management system auditors according to ISO/IEC 27001:2022
Understanding the difference between effectiveness and efficiency
Effectiveness is about achieving results while efficiency means doing that while minimizing the use of resources (such as time, money or energy)
Energy management systems (EnMS) and how ISO 50001 helps companies improve performance
An Energy Management System (EnMS) is a powerful tool for organizations to optimize energy consumption, reduce costs, and contribute to environmental sustainability.
What is the role of a business continuity professional and why you should consider this career path?
Business continuity professionals play a key role in protecting organizational stability, jobs, and even lives
Is this a nonconformity or an opportunity for improvement? Understanding the difference.
Understanding the difference between a nonconformity and an OFI is important for both the organization implementing the management system and the auditor
Implementing an ISMS: What standards to Use? ISO/IEC 27001, ISO/IEC 27002, or both?
ISO/IEC 27001 and ISO/IEC 27002 are essential standards in the world of information security management. You could think of them as ISO/IEC 27001 being the "what," and ISO/IEC 27002 being the "how."
How to become an information security management system (ISMS) auditor: requirements, benefits, and pathway
Becoming an ISMS auditor is a rewarding career path that offers both financial and professional growth opportunities
Redundancy of information processing facilities. A detailed overview of what ISO/IEC 27001:2022 requires
Information processing facilities must be implemented with sufficient redundancy to meet availability requirements.
"ISO certified company", What does it mean?
What does "ISO certified company" really means? A management system professional should have a clear understanding of what a management system certification refers to
The importance of screening as an information security control
The human element is often the weakest link in information security. A robust screening process helps mitigate the risks posed by insider threats.
Type A and Type B Management System Standards (MSS)
Type A management system standards include requirements and can be used for auditing and certification, whereas Type B standards are typically guidance standards
The Power-Interest grid: a tool for stakeholder identification and management
The Power-Interest Grid as a great tool for stakeholder management. To ensure the succes of a project you want to engage the right people in the right way.
Scope 1, 2 and 3 greenhouse gas (GHG) emissions: definitions and examples
GHG emissions are generally classified into scope 1, 2 and 3. Each scope represents a different aspect of an organization’s emissions footprint