ISO 27001 Archives - Page 2 of 2 - URM
  • Importance of ISO 27001 internal audits

    Definition: With this week’s blog, the spotlight turns to internal audit, specifically in the context of ISO 27001, the International Standard for Information Security Management. We will step right back and look at internal auditing from the perspective of those new to the subject or those trying to understand where and why it fits. […]

  • Vulnerability assessment vs. Penetration testing

    Vulnerability assessment – Penetration testing, can things go wrong? There seems to be a market trend to offer a vulnerability assessment and package it as a penetration testing exercise. Both are security controls in ISO/IEC 27001:2013 Annex A and both have a distinct purpose and deliverables. In addition, they both feature quite heavily within the […]

  • What is Meant by Information Classification?

    The focus of this week’s blog is information classification. Let’s start with first principles – what exactly do we mean by information classification? In its simplest form, information classification is the process by which we assess the information we hold and identify the appropriate level of protection it must be given. This protection may focus […]

  • The Value of Internal Audit

    This week’s blog takes a look at internal audit. Whilst it is a mandatory requirement of management systems, internal audit can often be the neglected ‘poor relation’. This is particularly true in smaller organisations where the internal audit team consists of ‘volunteers’ who conduct audits as a secondary role to […]

  • Gap Analysis vs Risk Assessment

    Should you start your ISO 27001 programme with a gap analysis or is there a better starting point? The answer depends on your goals and knowledge of your current position. This blog will look at which is best and when. When it comes to determining your need for information security controls, there are a couple […]

  • ISO 27001 – What is it and why should you implement it?

    ISO 27001 – The International Information Security Standard. It is the International Standard for Information Security Management. Effectively, it provides any organisation, irrespective of size or sector, with a framework and an approach to protecting one of the most important assets, i.e. information. ISO 27001 is one of the most adopted international standards and one of the […]