Blog Posts Tagged with "ISO Standards"

Ensuring Continuity of Services During Change Incidents

January 25, 2013 Added by: Bozidar Spirovski

Services are most vulnerable during change. Continuity of service needs to be ensured during change, and large portions of several ISO and BSI standards are focused on proper management of change. However well controlled, an incident can occur during the change, thus causing failure of service...

Comments  (2)

ISMS Certification Does Not Equal Regulatory Compliance

December 27, 2012 Added by: Rebecca Herold

“By becoming ISO 27001 certified does that automatically mean we comply with HIPAA and HITECH requirements? Are there any requirements of HIPAA/HITECH that are not required to meet ISO 27001 standards?”

Comments  (0)

The Great Compliance Conundrum

May 10, 2012 Added by: Mark Gardner

The crux of the matter is why people bemoan compliance: To comply in this case requires no external verification, and in order to meet compliance you may avoid some as they're too hard to do or do not go deep enough, but still have the ability to turn and say that "we are compliant"...

Comments  (0)

Information Security Relief is Spelled ISO-27001

February 15, 2012 Added by: John Verry

No matter the industry or service offering, organizations processing data on behalf of clients are experiencing the pain of proving they are secure and compliant with client standards and the myriad of regulations to which their clients are obligated. ISO-27001 spells relief...

Comments  (0)

The What and Why of Compliance

January 19, 2012 Added by: Fergal Glynn

What is a compliance framework? It’s an architected system of policies, controls and objectives designed to keep your business out of trouble and operating securely. It should measure risk and effectiveness, and keep constituents aware and up to date, since risk changes...

Comments  (0)

ISO 27002 – What Will the Next Revision Bring?

November 27, 2011 Added by: Dejan Kosutic

This most important link between ISO 27001 and ISO 27002 – identical structure of ISO 27001 Annex A and ISO 27002 controls – will most likely still be included in new revisions of both standards. However, the way it is structured and the individual controls will most probably change...

Comments  (0)

Auditing: Remote Access Security in 2011

August 15, 2011 Added by: Enno Rey

When the standards were written, endpoints were supposed to be mostly company managed Windows systems. In the meantime most organizations face an unmanaged mess composed of a growing number of smartphones and tablets, some company managed, while some are predominantly free floating...

Comments  (0)

ISO and IEC Publish Biometric Authentication Standard

August 15, 2011 Added by: Headlines

Unlike other authentication systems, the breach of biometric data is difficult to remedy. Users cannot simply alter the authenticating data used to access secure networks, as one would with usernames and passwords - the data is permanently and uniquely identifiable to the individual user...

Comments  (0)

First Annual (Possibly Semi-Annual) OSSTMM Forum

March 02, 2011 Added by: Rod MacPherson

OSSTMM is very high level, and the thing that everyone seems to be in agreement on is the need for applied OSSTMM documents outlining how it can be applied to different realms, such as web applications, computer networks, system hardening, etc...

Comments  (2)

ISO 22301 to Replace BS 25999-2

March 01, 2011 Added by: Dejan Kosutic

The management part of BS 25999-2 will also be transferred to the new standard - document control, internal audit, management review, corrective and preventive actions, human resources management, etc. These elements exist in all other management standards - ISO 9001, ISO 14001, ISO 27001...

Comments  (0)