ISO 27001 Archive
We’re not going to lie: implementing an ISO 27001-compliant ISMS (information security management system) is hard work. But as the saying goes, nothing worth having comes easy, and ISO 27001 is definitely worth having. Anyone needing guidance should take a …
A version of this blog was originally published on 9 November 2017. Documentation is a crucial part of any ISO 27001 implementation project, and one of the most important documents you need to complete is the SoA (Statement of Applicability). …
Information security management remains a serious issue for the legal sector, with law firms reporting an increase in targeted attacks in 2018. Large volumes of client funds and confidential information are irresistible to cyber criminals, so it is unsurprising that …
This blog has been updated to reflect industry updates. Originally published December 2017. With the number of data breaches increasing every year, they are now a huge issue for organisations. 46% of all UK businesses identified at least one cyber …
Anyone with an interest in information security will have encountered ISO 27001, the international standard that describes best practice for an ISMS (information security management system). However, you might not be as familiar with ISO 27002. It’s a supplementary standard …
Anyone interested in getting into or advancing their career in cyber security probably knows that they will need training and qualifications. But given that the field is so broad, how are you supposed to decide which course is right for …
ISO 27001 is the international standard that describes best practice for an ISMS (information security management system). The Standard takes a risk-based approach to information security, requiring organisations to identify threats to their organisation and select appropriate controls to tackle …
This blog has been updated to reflect industry updates. Originally published 24 March 2016. Although ISO 27001 is built around the implementation of information security controls, none of them are universally mandatory for compliance. That’s because the Standard recognises that …
IT Governance has been working with gambling operators for more than 15 years, helping them to comply with a range of regulations, so we were interested to see evidence that two of the UK’s biggest gambling trade bodies are set …
This blog has been updated to reflect industry updates. Originally published 29 November 2017. As the risk of suffering a data breach continues to increase, information security has become a critical issue for all organisations – especially as the GDPR …
