By Gaffri Johnson, Neupart
Information security risk assessments are an integral part of managing information security. Unfortunately, it is not uncommon for businesses to consider risk assessment as something they need to get over with in order to meet certain requirements.
The Plan-Do-Check-Act (PDCA) process originates from quality assurance in production environments, but has for some years also been a requirement in the ISMS standard ISO 27001 (ISMS = Information Security Management System).
We've produced this short clip to help you communicate the main components of an Information Security Management System (ISMS), as described in ISO 27001.
The 2013 editions of the widely used standards for information security management, ISO 27001 and 27002, were released a few weeks ago. It has been eight years since they were last updated, and the new versions contain a number of improvements that should be of interest to companies that lean towards ISO 27001 or comply with it.
Cloud computing promises many benefits. Cost reductions, improved efficiency and improved security are what many companies can gain from moving into the cloud.
ISO/IEC 27001 was introduced in 2005 and has become a very popular international standard. Now ISO 27001 is being revised and a new version is due later in 2013. I’ve looked at the changes before and outlined the main differences between the old and the new version.
IT outsourcing can be a highly positive experience.
How does the ISO 27001 revision impact your risk management?