
How to Enhance Your ISO 27001 Management System

About this Event

Join Ryan and Alex as they cover the internal and external value of ISO 27001 certification and how that value can be intensified by including other control sets within your ISMS.

ISO publishes a number of standards, some of them sector or industry specific, that are based on the current control set of ISO 27002 / ISO 27001 Annex A and add control implementation guidance and new controls. These standards are designed to be extensions of an ISMS, giving customers further assurance that the additional control sets are effectively incorporated into the ISMS and assessed as part of the external assessment.

We will discuss the following:

  • The openness of ISO 27001, specifically as it relates to control sets and extensions
  • Common extensions to Annex A and reasons for their inclusion – ISO 27017, ISO 27018
  • What other control set extensions are out there (ISO 27799 and ISO 27019, for example)
  • Unique extensions like ISO 27701 (management system and controls)
  • Options for not relying on Annex A (i.e. NIST control set or SOC 2 criteria) and how that would work
  • Steps on including and maintaining control set extensions in your ISMS

The Presenters

Ryan Mackie

Principal
Schellman

Alex Hsiung

Schellman