Information security

Where does information security fit into a company?

Very often, I hear controversial discussions about whether information security is part of IT, or whether it should be separate from it, part of some compliance or risk department, etc. But, before we determine who should be handling information security and from which organizational unit, let’s see first the conceptual ...

The post Where does information security fit into a company? appeared first on 27001Academy.

Incidents in ISO 22301 vs. ISO 27001 vs. ISO 20000 vs. ISO 28003

Management system standards, especially those dealing with security and interruptions of business processes, use the term “incident management.” As these management system standards deal with different aspects of managing business processes (IT Service Management, Information Security, Business Continuity, Supply Chain Security, and possibly others), the term is widely used but ...

The post Incidents in ISO 22301 vs. ISO 27001 vs. ISO 20000 vs. ISO 28003 appeared first on 27001Academy.

Resolving cloud security concerns by defining clear responsibilities according to ISO 27017

Cloud solutions are attractive answers for those who look for cost savings and quick demand response infrastructure, and Internet searches can show you how these kinds of solutions are rapidly growing and being adopted by organizations of all sizes, especially by small and medium-sized organizations. However, their very nature requires ...

The post Resolving cloud security concerns by defining clear responsibilities according to ISO 27017 appeared first on 27001Academy.

August 23rd, 2016 | Blog, BSI, Cloud, IaaS, Information security, ISMS, ISMS (BSI, ISO 27001), ISO 27001, ISO 27017, ISO27001, Emergency management, PaaS, Penetration test, Penetration tests, Privacy, Risk management, SaaS, Company, Events, Certification & Audit

How ISO 27001 and ISO 27799 complement each other in health organizations

More and more hospitals are interested in protecting their patient information, but they see ISO 27001 as not being specific enough. Although it covers many general aspects about information security, you can integrate it with other standards to cover specific aspects – for example, ISO 27799 for the protection of personal ...

The post How ISO 27001 and ISO 27799 complement each other in health organizations appeared first on 27001Academy.

June 13th, 2016 | Blog, BSI, Information security, ISMS, ISMS (BSI, ISO 27001), ISO 27001, ISO 27799, ISO27001, Emergency management, Penetration test, Penetration tests, personal health information, Risk management, risks, threats, Company, Events, Certification & Audit
