iso27001 – Page 4 – WindowsTechs.com

Does a customer who uses a cloud service provider with ISO27017 compliance, need their own certificate to be compliant themselves?

Posted on October 31, 2019 by gordon613

ISO 27017 advises both cloud service customers and providers. Microsoft Azure is compliant with ISO27017.

Let us say that a cloud service customer who uses Microsoft Azure wants to be compliant with ISO27017 – I assume that… Continue reading Does a customer who uses a cloud service provider with ISO27017 compliance, need their own certificate to be compliant themselves?→

Is there a default assets grouping in order to perform Information Security Risk Assessment?

Posted on October 4, 2019 by dropdown

I am working on the implementation of an ISMS and aiming to get 27001 certification. While i was conducting the Risk Assessment, I found it difficult to match all those assets/asset components with all the threats/threat events without mak… Continue reading Is there a default assets grouping in order to perform Information Security Risk Assessment?→

How does a merger formally impact an ISO 27001 certification?

Posted on August 28, 2019 by WoJ

Organization A has a service that is ISO 27001 certified. It is acquired by Organization B which does not have any certification.

What are the formal impacts of the acquisition on the ISO 27001 certification?

I am intereste… Continue reading How does a merger formally impact an ISO 27001 certification?→

SSAE 16 SOC II vs ISO/IEC 27001 – Any reason to do both?

Posted on June 27, 2019 by Roy

I manage risks for a small SaaS provider based in Europe and have always had the understanding that an ISO/IEC 27001 certification covers just about every aspect of information security management and generally holds companie… Continue reading SSAE 16 SOC II vs ISO/IEC 27001 – Any reason to do both?→

Why Consider ISO 27001 Certification?

Posted on June 4, 2019 by Apptega

Are you considering the ISO/IEC 27000 family of standards for your organization? Are you curious about the purpose of these standards? Why would you choose to implement them? As it turns out, the answers to these questions are simple: … Continue reading Why Consider ISO 27001 Certification?→

standards reference to perimeter security

Posted on May 2, 2019 by Ants0

I have the following problematic that I am currently dealing with. I have two zones/perimeters that need to be interconnected, some standards protocols have to be whitelisted such as HTTP, FTP, SSH and so on. But the only iss… Continue reading standards reference to perimeter security→

Internal Audit and IT: Joining the Same Cybersecurity Team

Posted on April 4, 2019 by Apptega

Effective cybersecurity management requires cross-collaboration between multiple stakeholders, and becomes increasingly complex with larger organizations. Though technology can serve as a solution to mitigate security risk, oftentimes the solution… Continue reading Internal Audit and IT: Joining the Same Cybersecurity Team→

Change & Configuration Management Waves Revolutionizing Cybersecurity

Posted on March 26, 2019 by Apptega

Configuration management is a buzzword that gets tossed around quite a lot these days. Defined as the process of identifying, controlling, tracking, and auditing changes made to a baseline, configuration management is a critical part of a strong s… Continue reading Change & Configuration Management Waves Revolutionizing Cybersecurity→

Which Cybersecurity Framework is Right for You?

Posted on February 20, 2019 by Apptega

SOC 2, CIS, NIST, ISO27001, PCI and more. How do you choose?
Given the growing amount of information and data that businesses of all sizes are having to manage, great cybersecurity is increasingly the most critical element of IT. Accenture estimat… Continue reading Which Cybersecurity Framework is Right for You?→