Main obstacles to the implementation of ISO 27001
Dejan Kosutic
You have this great idea that ISO 27001 will help you achieve compliance, attract new customers, decrease cost of incidents,...
You have this great idea that ISO 27001 will help you achieve compliance, attract new customers, decrease cost of incidents, and streamline your core IT processes? The idea is nice, but when it comes to...
ISO 27001 certification – Everything you need to know about getting ISO 27001 certified
ISO 27001 certification - Everything you need to know about getting ISO 27001 certified ISO 27001 compliance software ISO 27001...
ISO 27001 certification - Everything you need to know about getting ISO 27001 certified ISO 27001 compliance software ISO 27001 Templates ISO 27001 Courses Dejan Kosutic TABLE OF CONTENTS ISO 27001 certification forcompanies vs. certification...
Why is residual risk so important?
Term ‘residual risk’ is mandatory in the risk management process according to ISO 27001, but is unfortunately very often used...
Term ‘residual risk’ is mandatory in the risk management process according to ISO 27001, but is unfortunately very often used without appreciating the real meaning of the concept. What is residual risk? Residual risk is...
Risk owners vs. asset owners in ISO 27001:2013
Update 2022-04-07. The 2013 revision of ISO 27001 introduced a new concept: the risk owner. Since this concept brought quite...
Update 2022-04-07. The 2013 revision of ISO 27001 introduced a new concept: the risk owner. Since this concept brought quite a lot of confusion with information security practitioners, here’s an explanation of what the risk...
Catalogue of threats & vulnerabilities
This list of threats and vulnerabilities can serve as a help for implementing risk assessment within the framework of ISO...
This list of threats and vulnerabilities can serve as a help for implementing risk assessment within the framework of ISO 27001 or ISO 22301. This list is not final – each organization must add their...
Business continuity plan: How to structure it according to ISO 22301
In my experience, companies usually find two things in their business continuity or information security management to be the most...
In my experience, companies usually find two things in their business continuity or information security management to be the most difficult: risk assessment, and business continuity planning. Here I’ll give you some tips on business...
