ISO 27001 Archive

Information security management remains a serious issue for the legal sector, with law firms reporting an increase in targeted attacks in 2018. Large volumes of client funds and confidential information are irresistible to cyber criminals, so it is unsurprising that …

This blog has been updated to reflect industry updates. Originally published December 2017. With the number of data breaches increasing every year, they are now a huge issue for organisations. 46% of all UK businesses identified at least one cyber …

ISO 27001 is the international standard that describes best practice for an ISMS (information security management system). The Standard takes a risk-based approach to information security, requiring organisations to identify threats to their organisation and select appropriate controls to tackle …

This blog has been updated to reflect industry updates. Originally published 24 March 2016. Although ISO 27001 is built around the implementation of information security controls, none of them are universally mandatory for compliance. That’s because the Standard recognises that …

This blog has been updated to reflect industry updates. Originally published 29 November 2017. As the risk of suffering a data breach continues to increase, information security has become a critical issue for all organisations – especially as the GDPR …

Information classification can be simply defined as the process of assigning an appropriate level of classification to an information asset to ensure it receives an adequate level of protection.

Updated April 2019. This promotion has now ended. However, you can still use the EU GDPR Compliance Gap Assessment Tool and ISO 27001 Gap Analysis Tool to learn where you should strengthen your organisation’s practices. While Brexit continues to cause widespread …