Checklist of ISO/IEC 27001 - A.6.1.1 Information security roles and responsibilities to check the overall information risk and security governance and management structure.
A.5.1.2 of the ISO 27001 standard requires organizations to evaluate the process for reviewing information security and related policies. This involves checking a sample of policies for details such as policy title, scope and applicability, status, names of authors and accountable owners, version numbers, dates of publication, who approved them, document history/date of last and next reviews, and associated compliance arrangements.
The "Checklist for A.5.1.1 Policies for Information Security" is a comprehensive guide for ISO Annex A.5.1.1 that helps organizations establish and maintain effective information security policies.
The Statement of Applicability (SoA) is an important component of the ISO 27001 information security management system (ISMS) standard.
Penetration testing, also known as pen testing, is a type of security testing where a tester attempts to exploit vulnerabilities in a system to determine whether they can be used maliciously by attackers. Cloud applications are a popular target for attackers, which is why it's important to perform regular penetration tests on these systems.
A guide to Data Backup and recovery for small businesses with examples, pros, cons, standard operating procedures, facts and a to-do list.
What malware is, the protection methods that can be used, what should be included in an Information Security Management System (ISMS) standard operating procedure (SOP), the pros and cons and examples of how a small business can be protected from malware
A detailed overview of each step in the security audit process, including the objectives, methods, key considerations, pros, cons and tasks for each step.
ISO/IEC 27001:2013, AICPA TSC 2017, and NIST: A comparison of the major Information Security Management System frameworks with pros, cons and use case examples.
Data in transit and data at rest refer to the two main states of data. The article refers to the importance of securing data in transit and data at rest and provides a list of best practices for ensuring data security.