Blog

ISO 27001 Internal Auditor training – Is it good for my career?

With business processes under constant pressure from management, customers, and other interested parties, to protect information exactly as requested, by means of technical specifications, legal requirements, or business objectives, and the greater complexity and sophistication of operations, the use of audit expertise in information security is becoming a critical point ...

The post ISO 27001 Internal Auditor training – Is it good for my career? appeared first on 27001Academy.

The challenging role of the ISO 22301 BCM Manager

The Business Continuity Management (BCM) manager plays a pivotal role in the implementation of a BCM approach. As such, the role faces multiple challenges, from both top management and key process owners within the organization. As BCM is considered to be a cost factor in the first place, proper funding and ...

The post The challenging role of the ISO 22301 BCM Manager appeared first on 27001Academy.

Clear desk and clear screen policy – What does ISO 27001 require?

Imagine this scene: an employee at his desk, in an open-plan office, is reviewing on his notebook some data to prepare a report about the last quarter financial results, or the pre-selling performance evaluation of the organization’s newest product. He receives a telephone call from his boss about a quick ...

The post Clear desk and clear screen policy – What does ISO 27001 require? appeared first on 27001Academy.

ISO 27001 vs. ITIL: Similarities and differences

IT services are one of the main pathways for information to flow through organizations, their clients and partners, and as legal and contractual requirements are increasingly including information protection demands (the healthcare industry is an example), these services and their management practices must evolve to adapt to this new scenario. ...

The post ISO 27001 vs. ITIL: Similarities and differences appeared first on 27001Academy.

By | March 7th, 2016 | best practice, Blog, BSI, framework, ISMS, ISMS (BSI, ISO 27001), ISO 27001, ISO27001, ITIL, Emergency management, Penetration test, Penetration tests, Risk management, standard, Company, Events, Certification & Audit

Accreditation vs. certification vs. registration in the ISO world

Things with ISO standards can get really complicated: there are many ISO management standards – the most popular ones are ISO 9001, ISO 14001, ISO 27001, ISO 22301, ISO 20000, etc. – and there are a multitude of ways to get accredited/certified/registered related to those standards. But, that’s not all ...

The post Accreditation vs. certification vs. registration in the ISO world appeared first on 27001Academy.

By | February 29th, 2016 | accreditation, Blog, BSI, Certification, ISMS, ISMS (BSI, ISO 27001), ISO 14001, ISO 27001, ISO 9001, ISO27001, Emergency management, online training, Penetration test, Penetration tests, registration, Risk management, Company, Events, Certification & Audit

Implementing capacity management according to ISO 27001:2013 control A.12.1.3.

I’m sure you know, but it’s always about meeting agreed SLAs with your customers (internal and/or external) in the most cost-effective manner. Appropriate performance under an acceptable price is the holy grail of any successful business. To run a successful business you need a reasonable business plan, great understanding of ...

The post Implementing capacity management according to ISO 27001:2013 control A.12.1.3. appeared first on 27001Academy.

By | February 22nd, 2016 | A.12.1.3, Blog, BSI, Capacity management, ISMS, ISMS (BSI, ISO 27001), ISO 27001:2013, ISO27001, Emergency management, Penetration test, Penetration tests, Risk management, Company, Events, Certification & Audit

What to look for when hiring a security professional

Besides proper procedures and technologies, counting on good professionals can make all the difference during implementation and operation of any process or project. The “Apollo 13” movie shows what skilled men can do when procedures and technology fail (remember the “mailbox” device). On the other hand, what are the chances ...

The post What to look for when hiring a security professional appeared first on 27001Academy.

By | February 15th, 2016 | Blog, BSI, competency, ISMS, ISMS (BSI, ISO 27001), ISO 27001, ISO27001, knowledge, Emergency management, Penetration test, Penetration tests, Risk management, skills, Company, Events, Certification & Audit

Implementing restrictions on software installation using ISO 27001 control A.12.6.2

Currently, in all companies around the world, it is necessary to install software (operating systems, office applications, financial applications, applications development, etc.). But, in general, the installation of this software is not sufficiently controlled, which can lead to certain risks. ISO 27001:2013 can help these companies with the implementation of an Information ...

The post Implementing restrictions on software installation using ISO 27001 control A.12.6.2 appeared first on 27001Academy.

By | February 8th, 2016 | A.12.6.2, applications, Blog, BSI, installation, inventory, ISMS, ISMS (BSI, ISO 27001), ISO 27001, ISO27001, Emergency management, Penetration test, Penetration tests, repository, restrictions, restrictions on software installation, Risk management, risks, software, Company, Events, Certification & Audit