Annex A of ISO 27001 comprises 114 controls, which are grouped into the following 14 control categories. We look at each of the 14 categories and provide you with a clear explanation of the primary objective...
In this blog, we want to dig a bit deeper into the benefits that are gained from implementing the Standard and from achieving certification...
The answer depends on your goals and knowledge of your current position. This blog will look at which is best and when.
We are hearing a lot about phishing and phishing attacks at the moment, so in this blog we will take a step back to understand what phishing is, the types of phishing, and how to recognise a phishing attack.
We are going to explore why the focus on a risk-based approach has helped turn ISO 27001, the International Information Security Management Standard, into such a world-beater.
The PCI SSC has recently released new remote assessment guidelines and procedures. Here we address a number of key questions: What are the main contents? What led to it being published? And others.
There is some confusion about the difference between having an information security management system (ISMS) which is certified to ISO 27001 and one which is compliant or aligned to the Standard.
And how it can help avoid another Snowden Breach! This blog talks about information classification. So, what exactly do we mean by information classification?
In this blog, we are going to look at governance. We are regularly asked, ‘what do you mean by governance?’ or, ‘is information governance the same as IT governance?’
This blog takes a look at onboarding information systems. When onboarding is mentioned in terms of information security, typically, most will conclude it’s referring to people...