The ISMS.online blog
Information Security Risk Management Explained – ISO 27001
Risk management is an often used phrase in business today. However without having a consistent interpretation of what it means and how to do it effectively, that creates risk in itself! Information security risk management and cybersecurity risk management are...
read morePlanning the business case for an ISMS – Whitepaper
Are you thinking about implementing an Information Security Management System or wanting to elevate your existing one? Or maybe you’re looking at ISO 27001 certification for your organisation. Alliantist CEO, Mark Darby, recently put together a Whitepaper which...
read more
ISO 27001:2013 and ISO 27001:2017 what’s the difference?
The difference in ISO 27001 versions In practical terms, very little has changed between the 2013 and 2017 ISO 27001 standards except for a few minor cosmetic points and a small name change. The latest published version of the ISMS standard is – BS EN ISO/IEC 27001:...
read more
How to develop an Asset Inventory for ISO 27001 – A pragmatic approach
The importance of the Information Asset Inventory for ISO 27001:2013 If you are adopting an asset-based information security risk assessment for ISO 27001:2013, (as well as the ISO 27001:2017 updates) and experts agree it is a robust and pragmatic risk methodology to...
read more