A Beginner’s Introduction to ISO 31000: Risk Management Risk management is important to maximize your organization’s potential. What is ISO 31000? ISO 31000 is a universal set of standards related to risk management (which is defined as the identification, evaluation and prioritisation of risks). It offers principles and guidelines for organisations seeking to manage professionalContinue reading “A Beginner’s Introduction to ISO 31000: Risk Management”
Category Archives: Governance
An Introduction to ISO 27001 Access Control
An Introduction to ISO 27001 Access Control Access control is a critical component of any information security program, as it helps prevent unauthorized access to sensitive data. When looking into access control, it is first important to understand what it is and how it can affect you no matter what role you are in. Continue reading “An Introduction to ISO 27001 Access Control”
ISO 27001 Controls: Network Security
ISO 27001 Controls: Network Security Any organisation that works with interconnected computers would be wise to take network security into consideration. Nearly all organisations work with interconnected computers in some capacity. Remember, not every computer has a keyboard and mouse. From your mobile phone, to your TV remote, and even your credit card, nearlyContinue reading “ISO 27001 Controls: Network Security”
A Beginners Introduction to Compliance
A Beginner’s Introduction to Compliance How your organisation manages its compliance is key to deliver value What is compliance? Compliance can be defined as the act of complying with a task, order, rule or regulation. However, this does not communicate the value that it can actually deliver to a business. A better way to understandContinue reading “A Beginners Introduction to Compliance”
ISO 27001 Controls: Cryptography
ISO 27001 Controls: Cryptography The importance of cryptography and how it keeps your data safe I could say cryptography is an essential part of any organisation dealing with confidential data, but to say so, would be a massive understatement of its scope. Cryptography is everywhere. When you pay for something, it is used to transferContinue reading “ISO 27001 Controls: Cryptography”
ISO 27001 Controls: Shoulder Surfing
ISO 27001 Controls: Shoulder Surfing Is shoulder surfing just a cheeky behavior, or could be a threat to your sensitive information? If you’re working with potentially sensitive data in a public location, you need to consider that other people may be able to see what’s on your screen. ISO 27001 control A.6.2.1 requires that an organisationContinue reading “ISO 27001 Controls: Shoulder Surfing”
Policy management – 5 keys to creating a compliance culture
Policy management – 5 keys to creating a compliance culture Our top suggestions for embedding compliance and policy management in your organisation Summary Policy management is a huge part of not only audits and compliance, but of keeping your people aligned with your organisation. Writing effective policies, procedures and guidelines allows you to provide guideContinue reading “Policy management – 5 keys to creating a compliance culture”
A new approach to policy management
A new approach to policy management Bringing compliance to the forefront through user-focus Introduction Policy management is a key part of GRC and audits in general – this is something we all know – however, the approach to it has changed surprisingly little as technology has developed and become a larger and larger partContinue reading “A new approach to policy management”
Introducing Inverifi
An introduction to Inverifi A new approach to aligning your people and maintaining compliance Introduction The Governance, Risk and Compliance industry is a large one – valued at over £8.2 billion – and like most industries, it has had to modernise drastically. However, a lot of the products currently on the market are expensive,Continue reading “Introducing Inverifi”
