ISO 27001


Using ITIL to implement ISO 27001 incident management

Incident management is one of the key processes to ensure the effectiveness of any business operation. With more or less sophistication and maturity, practically any organization has practices in place to deal with undesired events, and some of these were so commonplace that they became industry good practices and the ...

The post Using ITIL to implement ISO 27001 incident management appeared first on 27001Academy.

By | November 10th, 2015|Blog, BSI, Incident management, ISMS, ISMS (BSI, ISO 27001), ISO 27001, ISO27001, ITIL, Emergency management, Penetration test, Penetration tests, Risk management, Company, Events, Certification & Audit|Comments Off on Using ITIL to implement ISO 27001 incident management

Requirements to implement network segregation according to ISO 27001 control A.13.1.3

Think about a house, or office, with only one big space where you can arrange all your loved and precious things the way you think most appropriate. Tempting, isn't it? The flexibility to use the space and ease of seeing everything right away seems like a big deal. Now, imagine ...

The post Requirements to implement network segregation according to ISO 27001 control A.13.1.3 appeared first on 27001Academy.

By | November 2nd, 2015|access control, Blog, BSI, firewall, ISMS, ISMS (BSI, ISO 27001), ISO 27001, ISO 27002, ISO27001, network segregation, Emergency management, Penetration test, Penetration tests, perimeter, Risk management, router, segmentation, Company, Events, Certification & Audit|Comments Off on Requirements to implement network segregation according to ISO 27001 control A.13.1.3

How to handle incidents according to ISO 27001 A.16

One of the issues that most concern managers of an organization is that their employees be able to work without any incident (although employees are not the only source of incidents; clients, providers, etc. are as well). However, this is practically impossible, because people are not perfect, and therefore neither ...

The post How to handle incidents according to ISO 27001 A.16 appeared first on 27001Academy.

ISO 27001 project management: Implementing complex security controls using Work Breakdown Structure (WBS)

What do diverse situations like the Battle of Trafalgar (1805), the Cooley–Tukey FFT algorithm (1965), and the multi-sided market competition have in common? They are all examples of big or complex problems divided into smaller and more manageable pieces to reach a winning solution. This is a strategy called “Divide ...

The post ISO 27001 project management: Implementing complex security controls using Work Breakdown Structure (WBS) appeared first on 27001Academy.

By | October 19th, 2015|Blog, BSI, ISMS, ISMS (BSI, ISO 27001), ISO 27001, ISO27001, Emergency management, Penetration test, Penetration tests, project management, Risk management, Security controls, Company, Events, WBS, Work Breakdown Structure, Certification & Audit|Comments Off on ISO 27001 project management: Implementing complex security controls using Work Breakdown Structure (WBS)


How to manage technical vulnerabilities according to ISO 27001 control A.12.6.1

You have certainly already heard, or lived, this scenario: it is a normal day and the systems are working fine, when suddenly they slow down for no apparent reason or simply stop. User support starts to receive dozens of calls, and the IT staff works hard for hours to put ...

The post How to manage technical vulnerabilities according to ISO 27001 control A.12.6.1 appeared first on 27001Academy.

By | October 12th, 2015|Blog, BSI, ISMS, ISMS (BSI, ISO 27001), ISO 27001, ISO27001, Emergency management, Penetration test, Penetration tests, Risk management, threat, Company, Events, vulnerability management, weakness, Certification & Audit|Comments Off on How to manage technical vulnerabilities according to ISO 27001 control A.12.6.1

How to implement integrated management systems

Recently, we saw the release of new versions of two of the best-known ISO standards: ISO 9001 (requirements for Quality Management Systems) and ISO 14001 (requirements for Environmental Management Systems). Like ISO 22301 and ISO 27001:2013, these standards follow a similar structure, based on Annex SL, Appendix 2 of ISO/IEC Directives (for more ...

The post How to implement integrated management systems appeared first on 27001Academy.