Posts Tagged ‘isms’

What is ISMS

Implementing an ISMS: There are numerous ways of approaching the implementation of an ISMS. The most common method to follow is a ‘Plan Do Check Act’ process. ISO 27001 is the international security standard that details the requirements of an ISMS. ISO 27001, along with the best-practice guidelines contained in ISO 27002, serve as two excellent guides […]

6 Essential Pillars for InfoSec Prioritization

It may be time to Think Differently in security. Do you know which of your vulnerabilities are critical, those which can wait a day, vs ones that are just noise? Read this handy guide to get the 6 essential pillars for comprehensive InfoSec prioritization: The Five Laws of Cybersecurity | Nick Espinosa | TEDxFondduLac Your […]

The best practice guide for an effective infoSec function

The best practice guide for an effective infoSec function: iTnews has put together a bit of advice from various controls including ISO 27k and NIST CSF to guide you through what’s needed to build an effective information security management system (ISMS) within your organization. This comprehensive report is a must-have reference for executives, senior managers […]

ISO 27001 ISMS Documentation Toolkit Bolt-on

Combine with the ISO 9001:2015 QMS Documentation Toolkit and/or the ISO 14001:2015 EMS Documentation Toolkit to create an ISO 27001-compliant integrated management system (IMS).

Implementing an ISMS: where should you start?

With the number of ISO 27001 certifications rising fast in the US, organizations will be looking to implement an ISO 27001-compliant information security management system (ISMS) quickly, before any of their competitors. However, the hardest part of achieving ISO 27001 certification is providing the documentation for the ISMS. Often – particularly in more complex and […]

When to use tools for ISO 27001/ISO 22301 and when to avoid them

If you’re starting to implement complex standards like ISO 27001 or ISO 22301, you’re probably looking for a way to make your job easier. Who wouldn’t? After all, reinventing the wheel doesn’t sound like a very interesting job. So, you start looking for some tool to help you with these information security and business continuity […]

Do it yourself solution for ISO27001 implementation

ISO 27001 Do It Yourself Package: This is the do-it-yourself solution for ISO27001 implementation. Cyber crime is increasing exponentially, and this trend will continue as more business activities move online and more consumers connect to the Internet. ISO/IEC 27001 is the only international information security management Standard that can help your organization protect its critical […]

Information Security and ISO 27001-2013

The perfect introduction to the principles of information security management and ISO27001:2013. Most organizations implementing an information security management regime opt for systems based on the international standard, ISO/IEC 27001. This approach ensures that the systems they put in place are effective, reliable and auditable. Up to date with the latest version of the Standard […]

The Protection of Personal Information Act (POPI) in South Africa – Benefits and Challenges

by Ilenia Vidili. In South Africa, the Protection of Personal Information Act (POPI) aims to regulate how companies secure the integrity and confidentiality of their data assets by taking technical and organisational measures to prevent the loss of, and damage and unauthorised access to, personal information. POPI was signed into law on 26th November 2013 […]

ISO27001 2013 high level review for making the transition

ISO 27001 2013 high level review for making the transition from ISO 27001 2005. The Case for ISO 27001 (2013) Second Edition. It’s been several months now since the highly anticipated release of the latest information security standard, ISO 27001 2013, for the organizations who have a vested interest due to […]

New ISO27013 Standard helps integrate ISO27001 with ISO20000

IT Governance Ltd, the global leader in IT governance, risk management and compliance, has announced that the highly anticipated ISO27013:2012 Standard has been published and is now available to buy from the company’s online shop at ITG. ISO27013:2012 focuses exclusively on the integrated implementation of ISO/IEC 27001 and ISO/IEC 20000-1 – two of the world’s […]

Achieve Best Practice & Win New Business with International IT Standards

International IT Standards help organizations achieve best practice systems and management of their IT processes. Certification against standards can help organizations protect their critical assets, rebuff cyber attacks, help win new business and achieve compliance against regulatory requirements. ISO27001: Cyber Security Standard (Cheapest price on the web) ISO27001 helps businesses create a best in class […]

IT Governance helps SMEs protect themselves from cybercrime

IT Governance Ltd, the global provider of cyber security management solutions, has announced a value-add offer in March. Organisations that buy the No3 ISO27001 Comprehensive Toolkit before the end of March will receive the Cybersecurity Self Assessment Tool free, making double savings on resource and time. The No3 ISO27001 Comprehensive Toolkit contains highly practical books, […]

Do US companies do enough for their cyber security?

IT Governance Ltd, the ISO27001 and information security experts have reported that they are making a number of free resources available for download from their US website to help US companies meet the challenges of increased cyber crime. July 12, 2011 /24-7PressRelease/ — IT Governance Ltd, the ISO27001 and information security experts have reported that […]

Rise of cybercrime and management responsibility

According to an SF Chronicle article by Deborah Gage (May 8, 2009, c2), Consumer Reports magazine’s annual “State of the Net” survey finds that cybercrime has held steady since 2004, with one out of five consumers becoming victims in the last two years at a cost to the economy of $8 billion. Consumer report can be […]

ISO 27k and CMMI

To become a successful business in today’s market, optimized information security controls may be the panacea for unmet security needs. One way to achieve optimized information security control is to perform an ISO assessment, assess the organization’s security posture based on the ISO 27002 code of practice, and map each control with Capability Maturity Model Integration (CMMI) […]

Cyber threats and overall security assessment

In the past, when senior management (execs) needed to understand the financial implications of cyber threats and their exposures, they turned their questionnaires toward IT for relevant answers. In other words, IT risk assessment was the answer in the past to understand the financial implications of cyber threats. The IT risk assessment […]

Open Network and Security

Open networks are heterogeneous environments where users like to use all the applications and systems at any given time. In a heterogeneous environment, each department runs different hardware and software, but you can control the protocols which will work in this environment. Universities are famous for open networks. Most university networks are comprised of a […]

12 Phishing Threats and Identity Theft

Have you ever thought of losing something and you cannot live without it? Yes, that something can be your identity. Phishing is a practice of luring unsuspecting Internet users to a fake Web site by using authentic-looking email with the real organization’s logo, in an attempt to steal passwords, financial or personal information. In daily […]

vsRisk and security risk assessment

Information Security Risk Management for ISO27001 / ISO27002. The State of California has adopted ISO/IEC 27002 as its standard for information security and recommends that other organizations and vendors use this standard as guidance in their efforts to comply with California law. To achieve ongoing compliance, major organizations require tools to comply with standard […]
