When looking to embark on achieving ISO 27001 Compliance, every organisation should know what challenges are ahead, in order to overcome them. It doesn’t have to be that hard if you know the hurdles. Risk Crew would like to share some tips to jump the hurdles when it comes to building your Information Security Management […]
The revised version of ISO 27001 finally landed on 25 October 2022. It’s been almost 10 years since the last major update, and while the revisions may seem minor, they are in fact significant and serve to both solidify and clarify the standard. In this post, we’ll cover what changed, why the new version was […]
Once you have successfully attained Cyber Essentials Plus (CE+) certification and the celebrations are over, what do you do? Do you just sit back and be happy that CE+ has been achieved or do you build upon it? Well, it all depends on why you undertook to achieve CE+ in the first place. Many companies […]
Before choosing an ISO certification body for your ISO 27001 certification you need to understand the reasons for obtaining the certificate. Many clients want the ISO certificate to demonstrate to clients and partners that they take information security seriously. Others have requirements for certification to allow them to bid for certain contracts. There are a […]
In this new business era of virtual working, I have been asked how to maintain your ISO compliance with staff working from home, and while it poses some problems, it’s certainly not difficult. The first thing to remember is that ISO 27001 defines the requirements for the Information Security Management System (ISMS). This ISMS has […]
ISO 27001 audits can be stressful for those involved, as a lot is riding on the audit’s outcome. This is especially true if it’s the organisation’s first audit and there’s a compelling commercial reason to achieve ISO 27001 certification. Brand identity may be negatively affected if the business doesn’t pass. In this article, we explore the […]
The General Data Protection Regulation (GDPR) may have come into force in 2018 but 2019 was the dominating year for it. Last year, we saw companies put more effort into not only achieving GDPR compliance but into actively maintaining it. This is harder to do than it might seem — as just one mistake can result in a […]
If you’re about to embark on the journey to ISO 27001, or if you’ve achieved the certification and are now in the process of maintaining it, then the new privacy information management extension to ISO 27001 could be something you may want to consider. It was purposefully developed to address and assist organisations in meeting […]