Archive for the ‘ISO 27k’ Category

ISO27001 Gap Analysis

A specialist, in-person review of your current information security posture against the requirements of ISO/IEC 27001:2013. Get the true picture of your ISO 27001 compliance gap, and receive expert advice on how to scope your project and establish your project resource requirements. What to expect: An ISO 27001 specialist will interview key stakeholders and […]

Security Management and Governance

The textbook for the Open University’s postgraduate information security course. The recommended textbook for all IBITGQ ISO 27001 courses. Available in softcover or eBook format.

Description

Fully updated expert information security management and governance guidance based on the international standard for information security management, ISO 27001. As global threats to information security increase in frequency […]

Why is ISO 27001 so important for US technology firms?

by Rob Freeman

At IT Governance, we have long known that compliance with the ISO 27001 information security management standard is essential for all US companies that wish to do business with the rest of the world. This requirement is fuelled by the ever-growing threat of cybercrime and the increasing awareness of the data […]

vsRisk™ risk assessment

vsRisk Standalone 3.0 – Brand new vsRisk™ risk assessment software available now

vsRisk is fully aligned with ISO 27001:2013 and helps you conduct an information security risk assessment quickly and easily. The upgrade includes three key changes to functionality: custom acceptance criteria, a risk assessment wizard and control set synchronization. This major release also enables users […]

Fragmented cybersecurity regulation threatens organizations

by Melanie Watson

Organizations across the United States have a number of cybersecurity regulations to comply with, and need to show that they take protection of sensitive data seriously. Consumer data in the US is currently protected by a patchwork of industry-specific, federal, and state laws, the scope and jurisdiction of which vary. […]

The new CISO role: The softer side

by Tracy Shumaker

In order for CISOs to stay relevant in their field today, they must add communication and soft skills to their list of capabilities. Traditionally, their role has been to take charge of IT security. Now CISOs oversee cybersecurity and risk management systems. They must manage teams and get leadership approval in order […]

Implementing an ISMS: where should you start?

With the number of ISO 27001 certifications rising fast in the US, organizations will be looking to implement an ISO 27001-compliant information security management system (ISMS) quickly, before any of their competitors. However, the hardest part of achieving ISO 27001 certification is providing the documentation for the ISMS. Often – particularly in more complex and […]

Keep certification simple using ITGP’s toolkits

When implementing ISO management systems, most of us would like to: get it right first time, keep it as straightforward as possible, be able to integrate the system with other frameworks, reduce common errors that are made during the process, and cut implementation costs where possible. Implementing management systems has never been easier with […]

New York Stock Exchange cybersecurity guide recommends ISO 27001

by Neil Ford

The New York Stock Exchange (NYSE) has released a 355-page guide to cybersecurity (Navigating the Digital Age: The Definitive Cybersecurity Guide for Directors and Officers), written by more than 80 individual contributors representing organizations including Booz Allen Hamilton, Dell SecureWorks, Georgia Institute of Technology, the Internet Security Alliance, Rackspace Inc., the US Department […]

North America has largest growth rate of ISO 27001 registrations

by Melanie Watson

North America is currently the fastest growing region in terms of ISO 27001 registrations, according to ISO Survey 2014. Now totalling 836 registrations, North America boasts an annual growth rate of 17.42% in 2014. Other regions include the Middle East with a growth rate of 13.53%, Central and South Asia with 12.54%, […]

International law firms see ISO 27001 certification as competitive differentiator

by Melanie Watson

ISO 27001 has long been regarded as the information security standard to protect a company’s sensitive information, but more recently law firms have been viewing it as a key competitive differentiator in their field.

Key selling point

Shook, Hardy & Bacon achieved […]

Code of practice for protection of Personally Identifiable Information

ISO 27018 Code of practice for protection of Personally Identifiable Information (PII) in public clouds acting as PII processors

by Microsoft Azure

ISO/IEC 27018 was published in July 2014 by the International Organization for Standardization (ISO), as a new component of the ISO 27001 standard. ISO 27018 adds controls to the ISO/IEC 27001/27002 standards to […]

Five ISO 27001 books you should read

Take a plunge into the world of ISO 27001 with these recommended reads

by Desislava Aleksandrova

As a professional embarking on your first journey implementing ISO 27001, you are probably hungry for knowledge and eager to make progress. While starting a new project may be exciting, it can also be daunting if you lack relevant […]

How to identify risks, threats and vulnerabilities for small business

Small business owners are often lulled into a false sense of security, thinking that only major retailers, banks and healthcare companies are at risk of a data breach. Although a malicious attack is the most commonly discussed threat to cyber security, it isn’t the only type your business should watch out for. Natural disasters, human […]

Independent Risk Assessment

The essential suite for undertaking an independent risk assessment compliant with ISO/IEC 27001, supporting ISO/IEC 27002 and conforming to ISO/IEC 27005, whilst providing guidance to multiple internal Asset Owners. Risk assessment is the core competence of information security management. This toolkit provides essential information, guidance and tools you need to undertake an effective ISO 27001 […]
