Posts by Rick Herman
New Podcast: Jim Moran & Howard Fox Episode: 31 ISO/IEC TS 27008:2019 – Guidelines for the Assessment of Information Security Controls
Howard and Jim chat about ISO/IEC TS 27008:2019 - Guidelines for the Assessment of Information Security Controls. Points discussed include: How do the ISO 27008 and ISO 27001 standards work together to enhance information security within organizations? Why is it important for organizations ...
New Podcast: Additional Observations and Benefits of Integrating an ISO 27001 Into an Existing ISO 9001 Quality Management System
Howard and Jim chat about "Additional Observations and Benefits of Integrating an ISO 27001 Into an Existing ISO 9001 Quality Management System." Points discussed include: How can integrating ISO 27001 into an existing ISO 9001 system benefit an organization? What are the key ...
New Podcast: Information Security in Supplier Contracts: ISO 27036 Part 2, Clause 7.5 – Supplier Termination Process
Howard and Jim chat about ISO 27036-2, Clause 7.5 - Supplier Termination Process. Points discussed include: How important is it for organizations of all sizes to prioritize information security? What are some challenges organizations face when it comes to supplier relationship termination? How ...
New Podcast: Information Security in Supplier Contracts: ISO 27036 Part 2, Clause 7.4 – Supplier Relationship Management Process
Howard and Jim chat about ISO 27036-2, Clause 7.4 - Supplier Relationship Management Process. Points discussed include: The importance for organizations to have a process for managing supplier relationships in terms of information security. The potential risks or vulnerabilities that organizations may face ...
New Podcast: Information Security in Supplier Contracts: ISO 27036 Part 2, Clause 7.3 – Supplier Relationship Agreement
Howard and Jim chat about ISO 27036-2, Clause 7.3 - Supplier Relationship Agreement Process. Points discussed include: How important is it for businesses to have supplier contracts that address information security? The key elements that should be included in an agreement to ensure ...
New Podcast: Cybersecurity in Supplier Relationships: ISO 27036 Part 2, Clause 7.2 – Supplier Selection Process
Howard and Jim chat about ISO 27036-2, Clause 7.2 - Supplier Selection Process. Points discussed include: How can organizations effectively plan their supplier relationships to mitigate information security risks? What are some real-life examples of information security breaches and their impact on organizations? ...
New Podcast: Cybersecurity in Supplier Relationships: ISO 27036 Part 2, Clause 7.1 Supplier Relationship Planning Process
Howard and Jim chat about ISO 27036-2, Clause 7.1 - Supplier Relationship Planning Process. Points discussed include: How do the ISO 27036 standards help protect against potential risks and ensure personal safety? What are some potential legal and regulatory issues that suppliers should ...
New Podcast: ISO 27036 Part 2 – Clause 6 Unpacked: Information security in supplier relationship management
Howard and Jim chat about ISO 27036 Part 2 - Clause 6 - Information security in supplier relationship management. Points discussed include: How does the ISO Review podcast contribute to the understanding and implementation of ISO standards in various industries? What are some ...
New Podcast: Protecting Your Data: ISO 27036-1: Overview of Risks and Best Practices – Guidance for Supplier Relationships
Howard and Jim chat about ISO 27036 Part I - Protecting Your Data: Overview of Understanding the Risks and Best Practices Guidance for Supplier Relationships. Points discussed include: Why is due diligence important when choosing suppliers? Why it's important to evaluate the security ...
New Podcast: ISO 27008 Guidelines for Assessing Annex A Controls
Howard and Jim chat about ISO 27008 Guidelines for Assessing Annex A Controls. Points discussed include: How many controls are required in ISO 27008? What are the seven steps outlined in ISO 27008 for measuring and assessing controls? How can ISO 27008 help ...