3 myths about ISO 27001 certification

ISO 27001 is the international standard for an ISMS (information security management system), a best-practice approach to security that helps organisations achieve all of their data privacy compliance objectives. If you are currently weighing up your o… Continue reading 3 myths about ISO 27001 certification

How long does an ISO 27001 risk assessment take?

Completing a risk assessment is often the most complex and difficult aspect of an ISO 27001 project. Whatever tool you decide to use in your project, it needs to take into account many elements, such as assets, threats, vulnerabilities and controls, an… Continue reading How long does an ISO 27001 risk assessment take?

ISO 27001 risk assessments: The problem with using spreadsheets

An ISO 27001 risk assessment is at the core of your organisation’s information security management system (ISMS). Those new to tackling this complex step may rely on using a manual, inexpensive solution such as spreadsheets, but there are many di… Continue reading ISO 27001 risk assessments: The problem with using spreadsheets

GDPR data mapping: How to tackle complex processes

As part of your EU General Data Protection Regulation (GDPR) compliance project, your organisation will need to understand what personal data it processes. You will likely choose data mapping as a way to meet these requirements. Key elements of data ma… Continue reading GDPR data mapping: How to tackle complex processes

How to create a risk treatment plan for your information security management system

A risk treatment plan (RTP) is one of the mandatory reports that you will need to produce for your ISO 27001 information security management system (ISMS). What is a risk treatment plan? An RTP provides a summary of each of the identified risks, the re… Continue reading How to create a risk treatment plan for your information security management system

GDPR data mapping key elements

Data mapping will be a key part of your compliance project in the run-up to the EU General Data Protection Regulation (GDPR) compliance deadline of May 2018. The Regulation introduces numerous changes – and the change from complying with the curr… Continue reading GDPR data mapping key elements