ISO/IEC 27001:2013

Latest News

How do you define the scope when embarking on a new ISMS implementation?

Should a company segregate the ISMS as it applies to a specific project or range of products and clients, purely for certification purposes? Having read several comments on social media forums, I found opinion to be surprisingly divided.

09/12/2014 09:54:05

A word on risk assessments, interested parties and monitoring performance

ISO27001 defines the high-level requirements that all information security programmes should include and provides a structure for evaluating the comprehensiveness of such a programme. Many companies use the standard as a blueprint for designing a comprehensive set of security controls and an effective way to measure their own programmes.

24/11/2014 16:56:43

A look back at ISO/IEC 27001:2013 and ISO/IEC 27002:2013

The following is taken from the original article written by Marino G. Njalsson, Senior Security Consultant at HP Enterprise Security Services. It is now several months since the new versions of ISO/IEC 27001 and ISO/IEC 27002 were published. I have the feeling that the information security management people have not yet grasped how big a change the new versions are bringing. Especially ISO/IEC 27001.

19/11/2014 17:08:44

A SWOT analysis of controls from ISO27001 and SANS 20 Critical Controls

A brief SWOT analysis of the major strengths and weaknesses of some of the leading security standards by Mark E.S. Bernard.

17/11/2014 11:55:58

Dropbox for Business user logins were protected, according to ISO27001 certification review

Ernst & Young has attested that between July 7 and September 30, Dropbox for Business logins were "protected against unauthorized access, use or modification", according to an independent report that reviewed its qualifications for ISO 27001 certification.

28/10/2014 10:58:57

 

Case studies & ISO27001 champions

Cambridge high-flyer looking forward to transitioning to ISO27001:2013

First cloud-based E-Commerce solution provider achieves ISO 27001:2013 certification

Bird & Bird receives ISO27001:2013 certification for UK and Germany-based ISMS

Mindteck becomes one of the first companies to transition to ISO 27001:2013

Quiss Technology becomes the first IT services provider in the UK to gain ISO 27001:2013 certification