Information security guidelines
According to ISO27001, an information security policy is a specification document that companies use to regulate their information security.
Why do you need an internal audit for the QMS or ISMS? An internal audit is required for compliance with the applicable standard (e.g. ISO 9001, ISO 27001). The effectiveness of the management system must be reliably guaranteed. This internal audit of individual processes and systems follows a previously established schedule and guidelines. The results
What is an IT assessor? An IT appraiser is an expert in systems, information processing applications and software development. He is also often referred to as an IT expert. On the one hand, there are appointed and sworn experts who are commissioned by courts to examine a factual situation at the expense of the parties
What is supplier management and why is it important for ISO 27001? The ISO 27001 standard expects companies to carry out a variety of activities to ensure information security. Supplier management requires organizations to carefully select their suppliers and continually monitor their reliability. Therefore, in our ISMS, our supplier management must provide evidence of the following activities:
What are deviations according to the ISO standard? As a rule, the term “non-conformity” can be found in the specialist literature. For better understanding, the term deviation is often used in colloquial language. All ISO standards refer to deviations as the situation of an “unmet requirement”. In the ISO 9001 standard there is chapter “3.6.9
What are security objectives according to ISO 27001? Security goals are an important part of an ISMS according to ISO 27001. Find out how to document these measurable goals and objectives.