According to various sources, the leading business continuity standard BS 25999-2 will be replaced by the international standard ISO 22301 by the end of 2011. This kind of transition is normal – the same thing happens with most management standards, for instance with ISO 27001, which succeeded BS 7799-2 in 2005. So what are [...]
How Much Does ISO 27001 Implementation Cost?
This is usually one of the first questions I receive from the potential client. To their disappointment, I cannot give them the exact figure right away – here is why. First of all, the total cost of implementation will depend on the size of your organization (or the size of the business unit(s) that will [...]
Lessons Learned from WikiLeaks: What is Information Security Exactly?
Nowadays WikiLeaks is a hot story for a good reason – it is not very common for confidential documents of the world’s most powerful government to be published on the Internet. And some of these documents are, to put it mildly, embarrassing. Here I am not going to write about whether it was legal for [...]
Mandatory Documented Procedures Required by ISO 27001
If you heard that ISO 27001 requires many procedures, this is not quite true. The standard actually requires only four documented procedures: a procedure for the control of documents, a procedure for internal ISMS audits, a procedure for corrective action, and a procedure for preventive action. The term “documented” means that “the procedure is established, [...]
ISO 27001 Annex A Controls
Annex A of ISO 27001 is probably the most mentioned annex of any management standard. Why is there so much talk about it? Why is it sometimes controversial? If you have read Annex A, you have seen that 133 security controls are listed there. If that is the case, what is the main part [...]
ISO 27001 Implementation Checklist
If you are starting to implement ISO 27001, you are probably looking for an easy way to implement it. Let me disappoint you: there is no easy way to do it. However, I’ll try to make your job easier – here is the list of sixteen steps you have to go through if you want [...]
ISO 27001 vs. ISO 27002
If you have come across both ISO 27001 and ISO 27002, you probably noticed that ISO 27002 is much more detailed, much more precise – so, what’s the purpose of ISO 27001 then? First of all, you cannot get certified against ISO 27002 because it is not a management standard. What does a management [...]
Using ISO 9001 for Implementing ISO 27001
You have already implemented ISO 9001? You have heard that ISO 27001 might be a good idea? But how can something that has to do with quality help you implement information security? It can, more than you may think. ISO 9001 specifies what a quality management system (QMS) must look like, while ISO/IEC 27001 specifies [...]
Four Key Benefits of ISO 27001 Implementation
Have you ever tried to convince your management to fund the implementation of information security? If you have, you probably know how it feels – they will ask you how much it costs, and if it sounds too expensive they will say no. Actually, you shouldn’t blame them – after all, their ultimate responsibility is [...]
Information Security or IT Security?
One would think that these two terms are synonyms – after all, isn’t information security all about computers? Not really. The basic point is this – you might have perfect IT security measures, but a single malicious act by, for instance, an administrator can bring the whole IT system down. This risk has nothing to [...]