FREE ISO 27001 Toolkit The FREE ISO27k Toolkit consists of a collection of ISMS-related materials contributed by members of the ISO27k Forum, either individually or through collaborative working groups organized on the Forum. We are very grateful for their generosity in allowing us to share them with you. The Toolkit is a work-in-progress: further contributions are most welcome To download […]
Risk Management Risk management in IT involves the identification, organization, and management of risks in an organization. It is normally done in a way that balances the costs associated with using security solutions to protect the organization and the benefits that they bring. In simpler terms, risk management allows the organization to spend more on […]
4 Free ISO Courses in Advisera , ISO 27001:2013 Foundations Course In this online course you’ll learn everything you need to know about ISO 27001, including all the requirements and best practices for compliance. The course is made for beginners in information security and ISO standards, and no prior knowledge is needed to take this […]
Operational security is often regarded as the convergence point of operational risks and cybersecurity. It is the middle ground between proactive and reactive security….
Creating a Vulnerability Management Strategy Often, an exploitation of a vulnerability might lead to a disaster recovery scenario. Therefore, it is imperative to have a system in place that can prevent the vulnerabilities from being exploited in the first place. But how can you prevent a vulnerability from being exploited if you don’t know whether […]
Chief Audit Executive Conference The United Arab Emirates Internal Audit Association (UAE-IAA) is a vibrant organization founded by a dedicated group of practicing volunteers to serve the profession and the needs of local internal auditors. The UAE IAA was chartered by a government decree from the UAE Ministry of Community Development and is dully affiliated […]
What is IT Security Policy ? The essence of an IT security policy, is to establish guidelines and standards for accessing the organization’s information and application systems. As IT infrastructures have become more complex and organization’s resources have become more distributed, the need for improved information security has increased. An IT security policy, facilitates the […]
ISO 27001 domains I am teaching for the last 3 years ISO 27001 classes Australia wide, and wanted to put together some resources that can be used by my students or blog followers. Below you will find the main domains which is covered under ISO27001 and please look for more in other posts. Enjoy: ISO/IEC […]
Source : IsecT Ltd. ISO/IEC 27001 is the formal set of specifications against which organizations may seek independent certification of their Information Security Management System (ISMS). ISO/IEC 27001 specifies requirements for the establishment, implementation, monitoring and review, maintenance and improvement of a management system – an overall management and control framework – for managing an organization’s information […]