ISO 27701 specifies the requirements for establishing, implementing, maintaining, and continually improving a PIMS (privacy information management system). Compliance with ISO 27701 shows customers and stakeholders that your organization takes privacy legislation seriously. ISO 27701 serves as an extension to ISO 27001. Organizations that have implemented ISO 27001 will be able to incorporate the controls and […]

Certified ISO 27001 ISMS Lead Auditor Training Course ISO 27001 Lead Auditor is the qualification of choice for ISO 27001 professionals, recognized by employers worldwide. Implementing and maintaining compliance with the Standard requires comprehensive knowledge of ISO 27001. ITG Certified ISO 27001 ISMS Lead Auditor Training Course gives participants a solid understanding of the requirements of an ISO 27001 […]

ISO 27001 certification requires organizations to prove their compliance with the Standard with appropriate documentation, which can run to thousands of pages for more complex businesses. But with the ISO 27001 Cybersecurity Toolkit, you have all the direction and tools at hand to streamline your project.   ISO 27001 Cybersecurity Toolkit Accelerate your ISO 27001 cybersecurity […]

Now that the festive frenzies have almost finished and you still have a few quiet days to spend at home, this is a great time to invest in your education. Enhance your knowledge of ISO 27001 with our wide range of books. Available in a variety of formats, including audiobook, softcover, Kindle and ePub, they cover […]

ISO 27001 Handbook If you want to understand ISO 27001, this handbook is all you need. It not only explains in a clear way what to do, but also the reasons why. This book helps you to bring the information security of your organization to the right level by using the ISO/IEC 27001 standard. An […]

Implementing an ISMS There are numerous ways of approaching the implementation of an ISMS.  The most common method to follow is a ‘Plan Do Check Act’ process. ISO 27001 is the international security standard that details the requirements of an ISMS. ISO 27001, along with the best-practice guidelines contained in ISO 27002, serve as two excellent guides […]

Anyone with an interest in information security will have encountered ISO 27001, the international standard that describes best practice for an ISMS (information security management system). However, you might not be as familiar with ISO 27002. It’s a supplementary standard that provides advice on how to implement the security controls listed in Annex A of ISO 27001. Although ISO […]

Pentests are required for ISO 27001 or SOC2 audits: download pdf Why do organizations need to conduct a penetration test?

ISO is shaking up the familiar structure of the ISO 27001/27002 control framework after over 20 years of stability.  Originally published as British Standard BS 7799 Part 1 and 2 in the late 1990s, adopted as the ISO 17799 standard in 2000, and then renumbered as ISO 27001/27002, the name has changed a few times […]

Introduction and Background As required by ISO27001 the risks identified in the risk assessment need to be ones that if they happened would result in the loss of Confidentiality Integrity and/or Availability (CIA) of information in the scope of the ISMS. As also required by ISO27001 those controls that are necessary to modify each risk […]

The importance of the Statement of Applicability in ISO 27001 – with template Chloe Biscoe  23rd March 2021 Documentation is a crucial part of any ISO 27001 implementation project, and one of the most important documents you need to complete is the SoA (Statement of Applicability). In this blog, we explain what an SoA is, why it’s […]

Download pdf: Steps to implement ISMS Distance Learning Training Courses

We often are asked if FAIR™, the international standard for cyber and technology risk quantification and the basis of the RiskLens platform, is compatible with the common security and risk standards and frameworks. The answer is yes — by bringing a financial discipline to otherwise technical guidelines, FAIR and RiskLens enhance their value as business-decision […]

Browse Cyber Security Standards in the leading UK and international cyber security standards bookstore

There is light at the end of the tunnel with Covid-19 and businesses will need to be ready for whatever it may bring. Perhaps not a business as usual or will it be a case of your customers may want to reduce their vendors and their services. In 2021 customers may want to do business […]

ISO Self assessment tools list includes but not limited to Privacy, ISO 27001, ISO 9001 and ISO 14001 & ISO/IEC 27701 2019 Standard and Toolkit

ISO/IEC 27701:2019 provides guidance on data protection, including how organizations should manage personal information, and helps demonstrate compliance with privacy regulations around the world, such as the GDPR. The Standard integrates with the international information security management standard ISO/IEC 27001 to extend an ISMS (information security management system), enabling an organization to establish, implement, maintain and […]

Information security, cybersecurity and privacy protection — Requirements for bodies providing audit and certification of privacy information management systems according to ISO/IEC 27701 in combination with ISO/IEC 27001 (DRAFT)  Within a year or so, organisations will be able to have their Privacy Information Management Systems certified compliant with ISO/IEC 27701, thanks to a new accreditation […]

Reduce your cyber risk with ISO 27001 Contact DISC InfoSec if you have a question regarding ISO 27001 implementation. Explore the subject of Cyber Attack Download a Security Risk Assessment Steps paper! Subscribe to DISC InfoSec blog by Email Take an awareness quiz to test your basic cybersecurity knowledge DISC InfoSec 🔒 securing the business […]