Howard and Jim chat about ISO/IEC TS 27008:2019 – Guidelines for the Assessment of Information Security Controls. Points discussed include: How do the ISO 27008 and ISO 27001 standards work together to enhance information security within organizations? Why is it important for organizations…

Howard and Jim chat about “Additional Observations and Benefits of Integrating an ISO 27001 Into an Existing ISO 9001 Quality Management System.” Points discussed include: How can integrating ISO 27001 into an existing ISO 9001 system benefit an organization? What are the key…

Howard and Jim chat about ISO 27036-2, Clause 7.5 – Supplier Termination Process. Points discussed include: How important is it for organizations of all sizes to prioritize information security? What are some challenges organizations face when it comes to supplier relationship termination? How…

Howard and Jim chat about ISO 27036-2, Clause 7.4 – Supplier Relationship Management Process. Points discussed include: The importance for organizations to have a process for managing supplier relationships in terms of information security. The potential risks or vulnerabilities that organizations may face…

Howard and Jim chat about ISO 27036-2, Clause 7.3 – Supplier Relationship Agreement Process. Points discussed include: How important it is for businesses to have supplier contracts that address information security? The key elements that should be included in an agreement to ensure…

Howard and Jim chat about ISO 27036-2, Clause 7.2 – Supplier Selection Process. Points discussed include: How can organizations effectively plan their supplier relationships to mitigate information security risks? What are some real-life examples of information security breaches and their impact on organizations?…

Howard and Jim chat about ISO 27036-2, Clause 7.1 – Supplier Relationship Planning Process. Points discussed include: How do the ISO 27036 standards help protect against potential risks and ensure personal safety? What are some potential legal and regulatory issues that suppliers should…

Howard and Jim chat about ISO 27036 Part 2 – Clause 6 – Information security in supplier relationship management. Points discussed include: How does the ISO Review podcast contribute to the understanding and implementation of ISO standards in various industries? What are some…

Howard and Jim chat about ISO 27036 Part I – Protecting Your Data: Overview of Understanding the Risks and Best Practices Guidance for Supplier Relationships. Points discussed include: Why is due diligence important when choosing suppliers? Why it’s important to evaluate the security…

Howard and Jim chat about ISO 27008 Guidelines for Assessing Annex A Controls. Points discussed include: How many controls are required in ISO 27008? What are the seven steps outlined in ISO 27008 for measuring and assessing controls? How can ISO 27008 help…

6 Comments

  1. Wayne Midgley on June 8, 2015 at 1:10 am

    Trying to sign up for your ISO tips, Jim, but cannot find where to.



  2. Jim Moran on June 8, 2015 at 1:32 am

    I’ll have to add that option, Wayne. What we have now is a ‘Contact us’ button at the bottom, and people send the request there.

    I’ll add you to the list. We’ll be sending out a new round after the FDIS comes out – should be next month – we’ll make sure you get the next ones.

    In the meantime, feel free to glance through the previous tips: https://simplifyiso.com/iso-tips

    Comments welcome!

    Jim



  3. tony santos on January 17, 2020 at 12:10 am

    Your lessons are clear and helpful. Thanks



    • Jim Moran on January 20, 2020 at 3:11 pm

      You’re welcome, Tony – thanks for leaving a note. Hope 2020 works out for you!
      Jim



  4. ISO 9001 Certification USA on February 4, 2022 at 2:48 am

    Hello Dude! Thank you so much for sharing the informative blog. It is really helpful for readers. Keep it up.



    • Jim Moran MA Ed. MSP on July 17, 2022 at 11:39 pm

      You’re welcome, and thanks for the comment. You may enjoy some of our free courses at the International Management System Institute: https://imsipro.org/