Collaborate Disseminate
In the Annex C of ISO/IEC 27005 typical threats are described, among others eavesdropping and remote spying. When searching on the internet for further description of the two terms I found them used synonymously.
So why are… Continue reading What is the difference between ‘Eavesdropping’ and ‘Remote Spying’ in ISO/IEC 27005?
I’m in the process of defining a risk assessment methodology for a company that would like to be aligned with ISO 27001. The standard states clearly that the aim is the protection of CIA (confidentiality, integrity, availability).
Do I h… Continue reading ISO27001 Risk Assessment Methodology
I’m in the process of defining a risk assessment methodology for a company that would like to be aligned with ISO 27001. The standard states clearly that the aim is the protection of CIA (confidentiality, integrity, availability).
Do I h… Continue reading ISO27001 Risk Assessment Methodology
I would like to apply ISO 27001 best practices for a company that has not completed its final online architecture yet and it is still under development phase. However, they pretty much know which technologies/systems (mainly … Continue reading Risk Assessment Methodology ISO 27001
Is it possible for an entity or a division part of an organization to be certified ISO 27001, specifically the Division Information Security Management System?
Continue reading Is it possible for one Division of an organization to be certified ISO 27001?
What is the difference between ISO 27001 and ISO 27002? Are they related to each other or not?
Continue reading What is the difference between ISO 27001 and ISO 27002?
In implementing ISO27000 (ISO27001&27002) I am wondering where I can download and review the standard? I wish to start implementing it but I am a bit stumped on where to start.
Some sites offer to sell some PDF’s that su… Continue reading ISO27000 implementation – Where do you get the standardization material?