Blog

Mitigating Threats Through Effective Management of Vulnerabilities and Configurations in ISO 27001:2022 Controls A.8.08 and A.8.09

In this instalment of our ISO 27001:2022 blog series, we delve into two critical controls from Annex A: A.8.08 Management of Technical Vulnerabilities and A.8.09 Configuration Management. These controls are vital for maintaining a secure and resilient information security environment, helping organisations proactively address vulnerabilities and establish robust configuration practices. In this p...
Blog

SOC 2 vs ISO 27001: Which Information Security Framework is Right for You?

In today’s digital economy, trust is currency. Whether you’re a SaaS provider scaling across markets or an enterprise processing sensitive client data, demonstrating your commitment to information security is no longer optional—it’s a prerequisite for doing business. Among the most recognized standards for managing and safeguarding data are SOC 2 Attestation and ISO 27001 Certification. They oft...
Blog

Mitigating Cyber Risks in Financial Services: The Impact of ISO 27001 Certification

In today’s digital world, where data privacy and protection are critical, organizations must prioritize information security. The growing number of cyber threats makes it essential for companies to safeguard sensitive information, whether it pertains to customers, employees, or partners. This is why businesses around the globe are implementing structured frameworks of policies and procedures to m...
Blog

Lessons learned from ISO 27001 - a case study of ENTERBRAIN Software

Information security is a must today - as evidenced by the daily news of cybercriminal attacks on organizations of all sizes and in all industries. Small and medium-sized enterprises in particular, but also many large companies, still do not have suitable protection for sensitive data and information against unauthorized access. The software service provider ENTERBRAIN is a good example of the su...
Blog

Understanding Clause 7.5: Documented Information

In the labyrinth of ISO 27001, one clause often causing headaches is 7.5 - Documented Information. The perennial dilemma of documenting enough without overdoing it can be a real challenge. Let's unravel the intricacies of this clause to shed light on what ISO 27001:2022 demands and how to navigate the documentation maze.
Blog

Risks, Opportunities, Objectives and Plans: Tips on implementing ISO 27001 Clause 6

The bedrock of ISO 27001 lies in managing risks and opportunities. The introduction to the standard clearly emphasises the importance of the information security management system (ISMS) in preserving the confidentiality, integrity, and availability of information. To instil confidence in interested parties, a robust system for managing risks and opportunities is imperative.
Blog

Practical Advice for Locking Down the Network with ISO 27001 Controls A.8.20–A.8.22

As part of ISO 27001:2022 Annex A, section 8 on technological controls, controls A.8.20 to A.8.22 focus on a critical component of information security: the network. Whether your organisation operates from a single office, supports remote workers, or has a complex multi-site infrastructure, network security forms the backbone of protecting data as it flows across systems and boundaries. In this p...
Blog

Data Resilience: Protecting Against Leaks, Loss, and Downtime with ISO 27001:2022 Controls 8.12 – 8.14

This post will cover key data resilience controls A.8.12 – A.8.14 of the ISO 27001:2022 standard. We will cover the prevention of data leakage to unauthorised users, a key way in which malicious actors target and extract data from systems. Additionally, we look at the provision of redundancy within information systems and backups.
Blog

How thorough ISO 27001 auditing could have prevented a global data leak.

We recently became aware of a data leak in which personal information of up to 64 million people was leaked to unauthorised users through a third-party system that was in use. Luckily, those who discovered the breach were ethical and reported the vulnerabilities they discovered to the companies affected.
Blog

Safeguarding Your Online Brand Presence: Leveraging ISO 27001 to protect your business on YouTube and beyond

Does your business use YouTube as a way to educate the public about your offerings and services? Or is YouTube the channel through which your business delivers its information or entertainment service? Having your business become ISO 27001 certified can aid in safeguarding your business when it comes to your online commerce, especially when it may affect your public online presence.