Posts by Rick Herman
There are 13 results found
New Podcast: Integration of an ISO 27001 into an existing ISO 9001 QMS
Howard and Jim chat about the integration of an ISO 27001 into an existing ISO 9001 QMS. Points discussed include: ISO 9001 Quality Management Standard is the most prevalent in the world. It's been around since 1987 and there are over 2 million ...
New Podcast: ISO 27001 Statement of Applicability Document
Howard and Jim chat about the ISO 27001:2022 - Statement of Applicability (SoA). Items discussed include: The Statement of Applicability is required for ISO 27001 certification. It’s a statement that explains which Annex A security controls are — or aren’t — applicable to ...
New Podcast: ISO 27007 – Guidance for Information Security Management Systems Auditing
Howard and Jim chat about ISO 27007 - Guidance for Information Security Management Systems Auditing. Items discussed include: Plan - Do - Check - Act Approach. Getting clients to ask their auditees if the procedure, the way it's been implemented, is getting them ...
New Podcast: ISO 27005 – Managing Information Security Risks
Howard and Jim chat about ISO 27005 - Managing Information Security Risks in this episode of the ISO Review Podcast. Items discussed include: Plan - Do - Check - Act Approach; Identify the risk; Analyze the nature and level of the risk; Evaluate ...
New Podcast: ISO 27002 – Security Techniques
Howard and Jim review ISO 27002 - Security Techniques in this episode of the ISO Review Podcast. Items discussed include: Information security, cybersecurity and privacy protection — Information security controls Scope Normative References Terms, definitions, and abbreviated terms Structure of the Document Organizational ...
New Podcast: ISO 27001:2022 – Here’s What to Look For…
In this episode, Howard and Jim review the changes in ISO 27001:2022, Information Security Management Systems Requirements. Items discussed include: ISO 27001 - Information Security Management System was the pioneer in what was first known as the High Level Structure, is now called the ...
New Podcast: Guidance for Improving your Internal Audits For an Information Security Management System
Guidance for Improving your Internal Audits For an Information Security Management System In this episode, Howard and Jim discuss, Guidance for Improving your Internal Audits for an Information Security Management System. Highlights include: Does the information security auditor have the proper security clearance to access ...
New Podcast: What You Need To Know to Become a Certified ISO Management System Professional
What You Need To Know to Become a Certified ISO Management System Professional In this episode, Howard and Jim discuss, What You Need To Know to Become a Certified ISO Management System Professional. Items highlighted include: MSP Course #1 – ISO 9004:2018 – Sustainable Success ...
New Podcast: Your Path to Become a Certified Lead Auditor
Your Path to Become a Certified Lead Auditor In this episode, Howard and Jim discuss the path to become a Certified Lead Auditor. Points Covered How to become a Certified Lead Auditor. Who is the body that certifies lead auditors. What are the courses ...
New Podcast: ISO 27001: ISO 27001 – Auditing an Information Security Management System: What Specific Guidance is Available?
ISO 27001 - Auditing an Information Security Management System: What Specific Guidance is Available? In this episode, Howard and Jim continue their conversation about ISO 27001, Information Security Management System (ISMS) to Manage Cyber Attacks, and unpack what specific guidance is available on how ...