
The benefits of implementing an ISMS

The international standard ISO/IEC 27001:2013 (ISO 27001) sets out the requirements for an ISMS (information security management system), an approach to securing information that relies on regular risk assessments to ensure the measures you put in place are appropriate to the threats you face and your risk appetite.  There are three main reasons to implement an … [Read more...]

Auditing your GDPR compliance

The EU General Data Protection Regulation (GDPR) has imposed many new obligations on organisations that process EU residents’ personal data. An audit will assess whether your organisation is meeting these obligations.  However, before an external auditor assesses the measures you’ve taken to comply with the Regulation, it’s worth conducting an internal audit to review whether your controls, … [Read more...]

Non-EU organisations block European traffic to avoid GDPR obligations

As well as applying to all organisations in the EU that process personal data, the GDPR (General Data Protection Regulation) applies to non-EU organisations that offer goods and services to, or monitor the behaviour of, EU residents. However, numerous organisations outside the EU have simply opted to block EU traffic to their websites rather than comply with the new law. TechCrunch reported on 25 … [Read more...]

ISO 27001 qualifications: Lead Auditor or Lead Implementer?

If you’re new to the international standard for information security management, ISO 27001, you might be finding it difficult to choose a training course that suits your needs. If you can’t decide between a lead auditor and a lead implementer course, the following information should help. First and foremost, it really is as obvious as it sounds: an implementer implements an ISMS (information … [Read more...]