
Do I need special Software to get ISO27001?

May 20th, 2024 | Information Security, ISO27001 Implementation

This is a question we get asked regularly: "Is the software that is designed to monitor ISO27001 worth the investment?" If your organisation is ISO 27001 certified, you know how important it is to have a systematic approach for monitoring and managing your information security policies and controls. While there are software solutions specifically designed for this purpose, some organisations opt to use spreadsheets to track their compliance efforts. Let's look at the pros and cons of each approach. Dedicated ISO 27001 Compliance Software: The advantages [...]

Can I use a consultant in a different country to help us achieve ISO27001 certification?

March 18th, 2024 | ISO27001 Implementation

We are frequently asked this question, particularly by companies from the United States who want to work with us. In today's business landscape, information security knows no borders. As organisations increasingly operate across multiple regions and engage in cross-border transactions, the need for a standard approach to information security has never been more critical. That's where ISO 27001 comes in. It's an international standard that gives a proven framework for information [...]

ISO27001 Internal Audits – the basics

January 7th, 2023 | Internal Audit

We have been doing some internal audits as part of the ISO27001 certification for our clients. We are undertaking the audits on behalf of clients. Clients frequently do not have the skills, knowledge or time to do the internal audits in-house. It also means that they are getting an experienced internal auditor who understands what's required by the standard. Each internal audit has the potential to pick up areas of nonconformity and areas for improvement. Internal audits are a requirement of the ISO27001 standard and you [...]

Let’s talk policies and procedures

May 7th, 2022 | ISO27001 Implementation, policies and procedures

I often get asked why organisations should bother with policies and procedures. My response is that it creates a uniform structure by which the organisation works, saving time and resources. For larger organisations it shows a fairness in the way it operates as everyone has the same procedure to follow. What usually goes wrong is that the person writing the policy struggles to be able to put into words what needs to happen. Believe me, we have seen some policies which [...]

ISO27001 Implementation – Daunting isn’t it?

March 7th, 2022 | ISO27001 Implementation

One of the first questions we get asked is "What does ISO27001 require us to do as an organisation in order to get certification?". We have had a number of clients who have been told they need to get ISO27001 certified so that a particular client will continue to work with them. When you first start looking at ISO27001, there are a number of elements to it, all of which appear to need completing at the same time. There is also specific terminology used as part [...]
