Blog

Locking Down Your Security: Best Practices for Physical ISMS Protection in Controls A.7.1 - A.7.5 of ISO 27001

In this blog post, we move on from People Controls, and into those “Physical Controls” which aim to protect the physical premises where your data is stored and used. This includes your office, as well as any data centres that you may use. With the increased use of cloud services for data storage and processing, you may wish to assess the risks associated with your offices based on the data stored...
Blog

Standards for information security - an overview

In times when data and information are traded like commodities, protecting them is essential. One way to do this is to implement information security management based on the ISO/IEC 2700x series of information security standards. This is an international family of standards for IT security and information security in private, public or non-profit organizations. Based on ISO 27001, an information ...
Blog

Information security incidents: Employees as a success factor

IT security incidents and information security incidents are omnipresent in media reports today. But how do cybercriminals actually obtain the information they need to compromise IT systems? And how do they manage to send fake emails to as many employees of a company as possible? In this blog post, DQS explores how phishing attacks typically work today, why security awareness is so important, and...
Blog

Configuration management in information security

Modern IT landscapes require the coordinated interaction of IT resources, network infrastructures, hardware and software applications and various types of services. The key to high-performance and secure operation lies in the proper configuration of all systems, components and applications involved. The new control 8.9 in information security, "Configuration management", from the updated version ...
Blog

Corporate information security: A case study of Mubea group

Today, solid information security brings far more advantages for companies than simply securing the technical infrastructure. Entire business processes now depend significantly on it - whether it is the secure handling of sensitive data or the legally compliant processing of the same. That is why the term now encompasses the protection of the entire flow of information. Automotive supplier Mubea ...
Blog

Architecting Secure Software with ISO 27001 Controls A.8.25 – A.8.27

Software is at the heart of nearly every business operation, from powering services and storing sensitive data to enabling customer interactions. But with increased reliance on software comes increased risk. Vulnerabilities introduced during development can become prime entry points for attackers, especially when security isn't baked in from the beginning. In this post we start analysing ISO/IEC 27001...
Blog

PIA vs SRAA: Which Assessment is Right for You?

“Our client asked if we’ve completed any security audits or privacy assessments. We’re a service provider for big organizations and the governments in HK—should we do PIA or SRAA first?” That was the exact question a tech company founder asked during a recent consultation. And it’s a common one. In today’s risk-driven digital environment, privacy and cybersecurity are no longer optional add-ons...
Blog

What is a management manual?

Once upon a time, the management manual was the central medium for the comprehensive documentation of a (quality) management system. However, with time and the revisions of the well-known management system standards such as ISO 9001 (quality), ISO 14001 (environment) or ISO 27001 (information security), the term has fallen out of use. The reason: the revised standards no longer require a (QM) man...
Blog

ISO/IEC 27001 in Logistics: Building Security into the Flow of Goods and Data

The way we move goods today is a world apart from how things operated a decade ago. Logistics has gone digital. Systems now talk to each other across borders. Fleets are tracked in real time. Warehouses run on data just as much as forklifts. And with that progress comes a new kind of responsibility: Keeping the information behind it all safe. If your business is part of the supply chain, whether y...
Blog

Unlocking Trustworthy AI: What You Need to Know About ISO/IEC 42001 Certification

As artificial intelligence (AI) becomes more embedded in the core of business operations, ensuring its safe, ethical and transparent use has never been more critical. This is why the launch of ISO/IEC 42001, the world’s first AI-specific management system standard, marks a milestone for organizations looking to deploy AI responsibly. DQS is among the few certification bodies offering ISO/IEC 42001...