Blog

We use this place to discuss random subjects. You may find some of them interesting...

Topics

Management systems & auditing Environment and sustainability Governance, risk. Compliance Organizational resilence Safety and health Information security & privacy Quality and Project Management Artificial intelligence

View all topics

Remote auditing: what it is, why it matters, and what every auditor should know

Remote auditing is here to stay. Here's what every auditor needs to know

ISO/IEC 27701 and GDPR: How do they relate?

ISO/IEC 27701 and the GDPR are closely related — but they are not the same thing. One is a law. The other is a framework. Here is how they connect.

ISO/IEC 42001 Practitioner vs Auditor: Which AI Management Certification Is Right for You?

Not sure whether to go for the ISO/IEC 42001 Practitioner or Auditor certification? They're not the same — here's how to choose.

The impact of AI on ISO standards and management systems

How is artificial intelligence impacting the development and use of ISO standards

The 2026 edition of ISO 14001: What to expect?

A new edition of ISO 14001 is expected to be published in the first part of 2026. Some considerations on what the new standard will bring

PII Controller vs. PII Processor in ISO/IEC 27701

The distinction between PII controllers and PII processors within the framework proposed by ISO/IEC 27701. A few examples to better understand the concepts

What Is a Privacy Impact Assessment (PIA) and when is it necessary?

High-level overview of a key tool for privacy risk management. When is a PIA required and which are the steps of this assessment

68f3486220a57_Privacy Information ISO 27701

ISO/IEC 27701:2025. What’s new with the second edition of the Privacy Information Management standard?

A new edition of ISO/IEC 27701 has been published in October 2025. This article analyzes the changes to the privacy information management landscape

68e1fd631841d_Microsoft Responsible AI vs ISO 42001

Microsoft Responsible AI Standard and ISO/IEC 42001. A brief comparative analysis

ISO/IEC 42001 and Microsoft Responsible AI Standard are two leading frameworks for responsible AI. They share a similar goal but differ in many ways.

Risk owners in information security management. Why are they important?

Risk ownership is a key aspect in information security management. Without clear ownership risks are only managed in theory

We have a draft for ISO 9001:2026. What to expect?

The draft of ISO 9001:2026 has been released. No major updates compared to the 2015 edition of the standard

Preparation for an audit. Some suggestions for auditors

Good preparation, humility and effective dialogue, evidence-based findings and decisions, professional attitude and effective time management are ingredients of a good audit

The 2025 Edition of ISO 37001 – What has changed? Quick answer… Not much

ISO 37001 the reference standard for anti-bribery management systems has been revised in 2025. In this article we look at what has changed

What is HACCP and why it matters for food safety

Understand what HACCP is, how it works and where it applies. Discover with examples why HACCP is key for food safety

Understanding ISO 37001. Addressing facilitation and extortion payments within an ABMS

Diference between facilitation and extotion payments and how they should be managed in the context of an anti-bribery management system