Organizations, regardless of type, size, or nature, possess information assets that need to be protected. Fortunately, a globally recognized standard is available to assist...
Case Closed: 3 Benefits ISO 27001 Can Have for Your Law Firm
When you think of a data breach, what comes to mind? It’s probably the image of a hacker stealing data from a large business or company that stores an abundance of customer data—like...
Have you ever wondered if the ISO 27001 certification is at all similar to a SOC 2 report? Many organizations today are dealing with multiple needs or demands for various compliance assessments...
Over the last few years, there has been a push to obtain cloud computing solutions at almost every turn. A plethora of companies continue to provide cloud services to their existing...
The intent of achieving and maintaining compliance with ISO 27001 is for an organization to demonstrate its continuing ability to proactively assess their information security risk...
A Management System for the Cloud – Why Your Organization Should Consider ISO 27018
Cloud computing technologies have revolutionized the way organizations manage and store their information. Where companies used to house and maintain their own data, a host of...
Codifying Your Configuration Standards
If you have already gone through a PCI DSS, SOC, HIPAA/HITECH, or ISO assessment, you already know that detailed configuration standards are a...
To Include or Not to Include – Scoping ISO 27001 and Colocation Service Providers
Introduction
ISO/IEC 27001:2015 (ISO 27001) certification is becoming more of a conversation in most major businesses in the United States. To provide some depth, there was a 20%...
With the rising popularity of compliance efforts today driven by factors such as customer demands, regulatory requirements, and/or a company’s willingness to demonstrate their internal...
According to the Identity Theft Resource Center, we saw 781 data breaches in 2015 that totaled hundreds of millions of stolen records, many of which included personally identifiable information...
Can an organization do a certification and an attestation?Yes. The certification has the prerequisite that you have gone through the ISO 27001 certification, but the attestation does not have any...
Reports as Evidence, Credibility, and Trust-builders
Content, delivery, and clarity are imperative components of successful written communication; a lack of such results in confusion and misunderstanding. Assessment reports such as ISO 27001, SOC 1,...
