Howard and Jim chat about Competence Requirements For Information Security Management Systems Professionals. Points discussed include:  What is the importance of communication and documentation in auditing firms for ISMS professionals?  How can auditors prepare for an audit, and what information should they request…

Read More

Howard and Jim chat about the Path to ISO 27001 Certification. Points discussed include: What is ISO 27001 and why do some organizations need certification in it? Do most organizations need to be certified in ISO 27001 to bid on projects in the…

Read More

Howard and Jim chat about  ISO 27001, Annex A – Technical  Controls. Points discussed include a review of the 14 controls in Clause 8: Annex A, Clause Eight, Technical Controls Number of controls:34  (8.1 to 8.34) Listen Now On Our Next Episode The…

Read More

Howard and Jim chat about  ISO 27001, Annex A – Physical Controls. Points discussed include a review of the 14 controls in Clause 7: Annex A, Clause Seven, Physical Controls Number of controls:14  (7.1 to 7.14) Listen Now On Our Next Episode ISO…

Read More

Howard and Jim chat about  ISO 27001, Annex A – People Controls. Points discussed include a review of the 8 controls in Clause 6: Annex A, Clause Six, People Controls Number of controls: 8 (6.1 to 6.8) Listen Now On Our Next Episode…

Read More

Howard and Jim chat about  ISO 27001, Annex A – Organization Controls. Points discussed include:  A review of the 37 controls in Clause 5: Annex A, Clause Five, Organizational Controls Number of controls: 37 (5.1 to 5.37) Listen Now On Our Next Episode…

Read More

Howard and Jim chat about the integration of an ISO 27001 into an existing ISO 9001 QMS. Points discussed include: ISO 9001 Quality Management Standard is the most prevalent in the world. It’s been around since 1987 and there are over 2 million…

Read More

Howard and Jim chat about the ISO 27001:2022 – Statement of Applicability (SoA) Items discussed include: The Statement of Applicability is required for ISO 27001 certification. It’s a statement that explains which Annex A security controls are — or aren’t — applicable to…

Read More

Howard and Jim chat about ISO 27007 – Guidance for Information Security Management Systems Auditing. Items discussed include: Plan – Do – Check – Act  Approach. Getting clients to ask their auditees if the procedure, the way it’s been implemented, is getting them…

Read More

Howard and Jim chat about ISO 27005 – Managing Information Security Risks in this episode of the ISO Review Podcast. Items discussed include: Plan – Do – Check – Act  Approach Identify the risk Analyze  the naure and level of the risk Evaluate…

Read More

6 Comments

  1. Wayne Midgley on June 8, 2015 at 1:10 am

    Trying to sign up for your iso tips Jim but cannot find where to.



  2. Jim Moran on June 8, 2015 at 1:32 am

    I’ll have to add that option, Wayne. What we have now is a ‘Contact us’ button at the bottom, and people send the request there.

    I’ll add you to the list. We’ll be sending out a new round after the FDIS comes out – should be next month – we’ll make sure you get the next ones.

    In the meantime, feel free to glance through the previous tips: https://simplifyiso.com/iso-tips

    Comments welcome!

    Jim



  3. tony santos on January 17, 2020 at 12:10 am

    your lessons are clear and helpful. Thanks



    • Jim Moran on January 20, 2020 at 3:11 pm

      You’re welcome, Tony – thanks for leaving a note. Hope 2020 works out for you!
      Jim



  4. ISO 9001 Certification USA on February 4, 2022 at 2:48 am

    Hello Dude! Thank you so much for sharing the Informative Blog, It is really helpful for readers. Keep it up.



    • Jim Moran MA Ed. MSP on July 17, 2022 at 11:39 pm

      You’re welcome, and thanks for the comment. You may enjoy some of our free courses at the International Management System Institute: https://imsipro.org/