Since ISO 27001 does not require a CISO, it does not prescribe what this person should do. Generally, this person should coordinate all the activities related to securing the information in a company; here are some ideas on what this person could do.
What must you consider for information security to help achieve business objectives? Since the release of the 2013 revision of ISO 27001, its clause 4.1 requiring the identification of the organizational context has been [...]
One of the hot questions these days is related to clause 4.2 in ISO 27001 – Understanding the needs and expectations of interested parties. Actually, their identification is not so complicated, and it gives crucial input for developing your information security management system (ISMS).
Everyone looking to be ISO 27001 certified is searching for an “ISO 27001 Checklist”. We offer you a list of questions that will help frame your mind around how your organization is currently positioned if you were to be considered for ISO 27001 certification.
The ISO 27001 roadmap will help you understand what an Information Security Management System is and guide you, step by step, from preparation through certification.