3 myths about ISO 27001 certification

ISO 27001 is the international standard for an ISMS (information security management system), a best-practice approach to security that helps organisations achieve all of their data privacy compliance objectives. If you are currently weighing up your o…

Top 10 risks to include in an information security risk assessment

An ISO 27001 risk assessment should have five key steps. In this blog, we look at the second step in the process: identifying the risks that organisations face. How to identify threats: You must determine which threats can compromise the confidentiality, integr…

Risk terminology: Understanding assets, threats and vulnerabilities

Whether you’re addressing cyber security on your own, following ISO 27001 or using the guidance outlined in the GDPR (General Data Protection Regulation), the process begins by assessing the risks you face. You might have a broad idea of what a r…

What to expect from Stage 1 and Stage 2 ISO 27001 audits

Those who are just getting to know ISO 27001 will no doubt find the audit a daunting prospect. It’s a big, complex task that can be tricky for even experienced professionals. But, as with many challenges, you can overcome any concerns by preparin…

Identifying assets for conducting an asset-based risk assessment

If you’re certifying to ISO 27001, one of the first things you need to do is identify your information assets. After all, it’s only once you know what you’re dealing with that you can determine the threats associated with them. Information a…

6 of the best reports for your ISO 27001 audit

ISO 27001 audits can be intimidating, especially if it’s the first time that your ISMS (information security management system) has been audited. So how can you make sure you’re doing everything that you should? This blog helps you settle y…

A third-party supplier has breached the GDPR – am I liable?

Third-party suppliers are a common concern for organisations getting their GDPR (General Data Protection Regulation) compliance in order. When the Regulation was first introduced, the issue of third-party suppliers and their relation to organisations…

3 things finance professionals need to know about the GDPR

Are you part of an in-house finance team? Or do you work for a finance provider – an accountancy firm, perhaps, or a financial advisory company? Like professionals in any other sector, you are subject to the EU’s GDPR (General Data Protecti…