ISO/IEC 27005 proposes two different approaches for risk identification. The event-based approach and the asset-based approach
ISO/IEC 27001 is a great tool for any organization looking to improve information security. However, there are some myths that should be debunked
We have published a brand new online course for information security management system auditors according to ISO/IEC 27001:2022
ISO/IEC 27001 and ISO/IEC 27002 are essential standards in the world of information security management. You could think of them as ISO/IEC 27001 being the "what," and ISO/IEC 27002 being the "how."
Becoming an ISMS auditor is a rewarding career path that offers both financial and professional growth opportunities
Information processing facilities must be implemented with sufficient redundancy to meet availability requirements.
The human element is often the weakest link in information security. A robust screening process helps mitigate the risks posed by insider threats.
Groups of services, users and information systems should be segregated in the organization's networks