ISO/IEC 27001:2013
ISO27001:2013 - Latest News

Latest News

How do you define the scope when embarking on a new ISMS implementation?

Should a company segregate the ISMS as it applies to a specific project or range of products and clients, purely for certification purposes? Having read several comments on social media forums, I found opinion to be surprisingly divided.

09/12/2014 09:54:05

A word on risk assessments, interested parties and monitoring performance

ISO27001 defines the high-level requirements that all information security programmes should include and provides a structure for evaluating the comprehensiveness of such a programme. Many companies use the standard as a blueprint for designing a comprehensive set of security controls and an effective way to measure their own programmes.

24/11/2014 16:56:43

A look back at ISO/IEC 27001:2013 and ISO/IEC 27002:2013

The following article was taken from the original article written by Marino G. Njalsson, Senior Security Consultant at HP Enterprise Security Services. It is now several months since the new versions of ISO/IEC 27001 and ISO/IEC 27002 were published. I have the feeling that the information security management people have not yet grasped how big a change the new versions are bringing. Especially ISO/IEC 27001.

19/11/2014 17:08:44

A SWOT analysis of controls from ISO27001 and SANS 20 Critical Controls

A brief SWOT analysis of the major strengths and weaknesses of some of the leading security standards by Mark E.S. Bernard.

17/11/2014 11:55:58

Dropbox for Business user logins were protected, according to ISO27001 certification review

Ernst & Young has attested that between July 7 and September 30, Dropbox for Business logins were "protected against unauthorized access, use or modification", according to an independent report that reviewed its qualifications for ISO 27001 certification.

28/10/2014 10:58:57

ISO27001:2013 states regulatory obligations are to be met first

For those who are transitioning from ISO27001:2005 to ISO27001:2013, the new standard is clear that the selection of controls should be determined through the process of risk assessment and treatment, and not only from Annex A.

28/10/2014 10:42:02

Accreditation in the secure payments industry: a retailer's perspective

In the payments sector, a variety of accreditations exist to reassure customers that their sensitive information is not at risk of being stolen and used fraudulently.

27/10/2014 16:47:14

New certifications to ISO27001:2005 have officially ended

According to a statement released by the UK accreditation body, UKAS, Certification Bodies should no longer accept any further applications for certification to ISO27001:2005. This follows an updated transition statement that was released by UKAS in June 2014 to all Certification Bodies offering ISMS certification from ISO/IEC 27001:2005 to ISO/IEC 27001:2013.

21/10/2014 09:28:34

Farewell BS 7799-3

17/10/2014 09:22:32

As of 31 October 2014, ISO 27001:2013 with a corrigendum comes into effect.

17/10/2014 09:12:37
