ISO 27001 Archive
An ISMS (information security management system) is a centrally managed framework for keeping an organisation’s information secure. It contains a set of policies, procedures and controls for protecting the confidentiality, integrity and availability of information. Confidentiality refers to the ability …
Information security policies are essential for tackling organisations’ biggest weakness: their employees. Everything an organisation does to stay secure, from implementing state-of-the-art technological defences to sophisticated physical barriers, relies on people using them properly. It only takes one employee opening …
It’s widely accepted that people are the weakest part of any organisation’s security defences. You can spend months designing flawless processes and you can invest in state-of-the-art technology to detect threats, but these both only work if the people using …
The new year can be a transformative time, as we turn our back on the holiday period and resolve that January will be the start of a ‘new year, new me’. You might be in the gruelling second week of …
Organisations are facing increasing pressure from regulators, clients and the public to address information security, which is leading to a spike in ISO 27001 certifications. The Standard describes best practices for an ISMS (information security management system), helping organisations address …
Organisations can gain certification for any number of frameworks and standards. Indeed, we regularly recommend certifying when implementing the likes of ISO 27001 and ISO 22301. But you’ll also hear us talk about ‘accredited certification’ – so what’s the difference? …
Ships have experienced a digital transformation in recent years. New technologies are helping them navigate the waters and ensure that everyone on board experiences the connectivity and convenience they expect. However, this increased volume of data has made ships an …
To comply with ISO 27001, the international standard for information security, you need to know how to perform a risk assessment. This process is at the core of your compliance measures, as it helps you identify the threats you face …
In November, Lush – the high-street store known for its fragrant, eco-friendly beauty products – temporarily lost the ability to take card transactions after a member of the IT team “deleted the till system by accident”. As a result, Lush …
The ISO 27001 implementation and review processes revolve around risk assessments. This is where organisations identify the threats to their information security and outline which of the Standard’s controls they must implement. The process begins by defining a methodology, i.e. …
