Unlock the synergy between ISO 27001 and NIST! Dive into a comprehensive guide on how these two work together.
Information Security Management System Framework
9 posts
The complete answer list to major questions for the ISO 27001 Information Security Management System
Introduction: The concept of teleworking or telecommuting has been around for several decades. However, it was only in recent years that teleworking became a popular alternative to traditional office-based work. With the COVID-19 pandemic forcing many companies to adopt remote work policies, teleworking has become even more prevalent. Teleworking offers […]
A.5.1.2 of the ISO 27001 standard requires organizations to evaluate the process for reviewing information security and related policies. This involves checking a sample of policies for details such as policy title, scope and applicability, status, names of authors and accountable owners, version numbers, dates of publication, who approved them, document history/date of last and next reviews, and associated compliance arrangements.
The "Checklist for A.5.1.1 Policies for Information Security" is a comprehensive guide for ISO Annex A.5.1.1 that helps organizations establish and maintain effective information security policies.
The Statement of Applicability (SoA) is an important component of the ISO 27001 information security management system (ISMS) standard.
Penetration testing, also known as pen testing, is a type of security testing where a tester attempts to exploit vulnerabilities in a system to determine whether they can be used maliciously by attackers. Cloud applications are a popular target for attackers, which is why it's important to perform regular penetration tests on these systems.
A detailed overview of each step in the security audit process, including the objectives, methods, key considerations, pros, cons and tasks for each step.
ISO/IEC 27001:2013, AICPA TSC 2017, and NIST: A comparison of the major Information Security Management System frameworks with pros, cons and use case examples.