Blog

We use this place to discuss random subjects. You may find some of them interesting...

Topics:

Management systems & auditing Environment and sustainability Governance, risk. Compliance Organizational resilence Safety and health Information security & privacy Quality and Project Management
View all topics

Implementing an ISMS: What standards to Use? ISO/IEC 27001, ISO/IEC 27002, or both?

ISO/IEC 27001 and ISO/IEC 27002 are essential standards in the world of information security management. You could think of them as ISO/IEC 27001 being the "what," and ISO/IEC 27002 being the "how."

How to become an information security management system (ISMS) auditor: requirements, benefits, and pathway

Becoming an ISMS auditor is a rewarding career path that offers both financial and professional growth opportunities

Redundancy of information processing facilities. A detailed overview of what ISO/IEC 27001:2022 requires

Information processing facilities must be implemented with sufficient redundancy to meet availability requirements.

The importance of screening as an information security control

The human element is often the weakest link in information security. A robust screening process helps mitigate the risks posed by insider threats.

Understanding networks segregation as an information security control in ISO/IEC 27001:2022

Groups of services, users and information systems should be segregated in the organization's networks