Ryan Mackie

ISO/IEC 27002:2022: A High-Level Breakdown of the Update

Now that the new version of ISO 27002:2022 has been formally released, we highlight the big changes provided within this revision and how this standard can help you.

ISO 27017 and the Canadian Security Policy Implementation Notice (SPIN)

What your cloud service organization needs to know about ISO 27017 requirements

The Much Anticipated ISO/IEC 27701:2019

For those that were monitoring the wire, ISO 27001 was released the week of August 5th as an extension of ISO 27001 and 27002.

13 Tips For Grooming IT Leaders

The ability to identify and train IT managers is a key factor in establishing productive IT teams. Here’s what to look for and how to hone leadership talent when promoting from within....

To Include or Not to Include – Scoping ISO 27001 and Colocation Service Providers

Introduction ISO/IEC 27001:2015 (ISO 27001) certification is becoming more of a conversation in most major businesses in the United States. To provide some depth, there was a 20%...

ISO 27018: What Cloud Providers Need to Know

According to the Identity Theft Resource Center, we saw 781 data breaches in 2015 that totaled hundreds of millions of stolen records, many of which included personally identifiable information...

An Introduction to CSA STAR and ISO 27001

Curious about the CSA STAR Program or how its certification works together with ISO 27001? We answer basic questions on the relationship between the two so that you understand if CSA STAR is right for

CSA STAR Certification vs. CSA STAR Attestation

Which facet of the CSA STAR Program is right for your organization? We break down the basics, as well as the pros and cons, of both the Certification and Attestation to help inform your decision.

Locking up the Cloud and Throwing the Key Away

According to the Identity Theft Resource Center, we saw 781 data breaches in 2015 that totaled hundreds of millions of stolen records, many of which included personally identifiable information...

A Kinship: SOC 2 and ISO 27001

Have you ever wondered if the ISO 27001 certification is at all similar to a SOC 2 report?  Many organizations today are dealing with multiple needs or demands for various compliance assessments...

Understanding the Cloud Security Alliance STAR Program – Certification and Attestation

In the last 12 months, the Cloud Security Alliance (CSA) has made great strides in enhancing their CSA Security, Trust and Assurance Registry (STAR) Program. In brief, the STAR Program is a...

SOC 1 / SSAE 16 - What is the Difference?

When referring to SSAE16 or SOC 1, what is the difference and how do you use these acronyms appropriately? Simply put, the SSAE No. 16 standard is the attestation standard used to create a SOC 1...

The 3 Things to Consider When Transitioning from ISO 27001 :2005 vs. ISO 27001 :2013

Complementing Your ISO Certification - AT 101

Undoubtedly, the ISO 27001 Certification is recognized globally and revered as one of the highest and most comprehensive certifications an organization can attain. The high esteem that the...

ISO 27001:2013 – Understanding the New Standard

Part 1: Scoping and the approach of implementing the ISMS Organizations currently implementing or planning to implement a management system based on ISO 27001 will have a tough decision to make in...