Blog

We use this place to discuss random subjects. You may find some of them interesting...

The two approaches for information security risk identification proposed by ISO/IEC 27005:2022

ISO/IEC 27005 proposes two different approaches for risk identification: the event-based approach and the asset-based approach.

Debunking some common myths about ISO/IEC 27001, the information security management system (ISMS) standard

ISO/IEC 27001 is a great tool for any organization looking to improve information security. However, there are some myths that should be debunked

Our new ISO/IEC 27001 Lead Auditor for Information Security course

We have published a brand new online course for information security management system auditors according to ISO/IEC 27001:2022

Implementing an ISMS: What standards to use? ISO/IEC 27001, ISO/IEC 27002, or both?

ISO/IEC 27001 and ISO/IEC 27002 are essential standards in the world of information security management. You could think of them as ISO/IEC 27001 being the "what," and ISO/IEC 27002 being the "how."

How to become an information security management system (ISMS) auditor: requirements, benefits, and pathway

Becoming an ISMS auditor is a rewarding career path that offers both financial and professional growth opportunities

Redundancy of information processing facilities. A detailed overview of what ISO/IEC 27001:2022 requires

Information processing facilities must be implemented with sufficient redundancy to meet availability requirements.

The importance of screening as an information security control

The human element is often the weakest link in information security. A robust screening process helps mitigate the risks posed by insider threats.

Understanding network segregation as an information security control in ISO/IEC 27001:2022

Groups of services, users and information systems should be segregated in the organization's networks
