Category "Uncategorized"

Howard and Jim chat about Competence Requirements For Information Security Management Systems Professionals. Points discussed include:  What is the importance of communication and documentation in auditing firms for ISMS professionals?  How can auditors prepare for an audit, and what information should they request ...

Howard and Jim chat about the Path to ISO 27001 Certification. Points discussed include: What is ISO 27001 and why do some organizations need certification in it? Do most organizations need to be certified in ISO 27001 to bid on projects in the ...

Howard and Jim chat about  ISO 27001, Annex A - Technical  Controls. Points discussed include a review of the 14 controls in Clause 8: Annex A, Clause Eight, Technical Controls Number of controls:34  (8.1 to 8.34) Listen Now On Our Next Episode The ...

Howard and Jim chat about  ISO 27001, Annex A - Physical Controls. Points discussed include a review of the 14 controls in Clause 7: Annex A, Clause Seven, Physical Controls Number of controls:14  (7.1 to 7.14) Listen Now On Our Next Episode ISO ...

Howard and Jim chat about  ISO 27001, Annex A - People Controls. Points discussed include a review of the 8 controls in Clause 6: Annex A, Clause Six, People Controls Number of controls: 8 (6.1 to 6.8) Listen Now On Our Next Episode ...

Howard and Jim chat about  ISO 27001, Annex A – Organization Controls. Points discussed include:  A review of the 37 controls in Clause 5: Annex A, Clause Five, Organizational Controls Number of controls: 37 (5.1 to 5.37) Listen Now On Our Next Episode ...

Howard and Jim chat about the integration of an ISO 27001 into an existing ISO 9001 QMS. Points discussed include: ISO 9001 Quality Management Standard is the most prevalent in the world. It's been around since 1987 and there are over 2 million ...

Howard and Jim chat about the ISO 27001:2022 - Statement of Applicability (SoA) Items discussed include: The Statement of Applicability is required for ISO 27001 certification. It’s a statement that explains which Annex A security controls are — or aren’t — applicable to ...

Howard and Jim chat about ISO 27007 - Guidance for Information Security Management Systems Auditing. Items discussed include: Plan - Do - Check - Act  Approach. Getting clients to ask their auditees if the procedure, the way it's been implemented, is getting them ...

Howard and Jim chat about ISO 27005 - Managing Information Security Risks in this episode of the ISO Review Podcast. Items discussed include: Plan - Do - Check - Act  Approach Identify the risk Analyze  the naure and level of the risk Evaluate ...