ISO 27001

What are deviations according to the ISO standard?​ As a rule, the term “non-conformity” can be found in the specialist literature. For better understanding, the term deviation is often used in colloquial language. All ISO standards refer to deviations as the situation of an “unmet requirement”. In the ISO 9001 standard there is chapter “3.6.9 […]

Security goals are an important part of an ISMS according to ISO 27001. Find out how to document these measurable goals and objectives

Management-Review according to ISO 27001 The ISO 27001 standard expects management to regularly address the current state of information security. According to ISO 27001, the so-called management review compares the current state with the desired state specified in the ISMS. The following topics should be on the management review agenda: Security incidents Risks Expectations Deviations

What is ISO 27004? ISO 27004 can be seen as a guide for measuring the efficiency of an information security management system (ISMS Performance Monitoring). The guidelines provided for the development, measurement, implementation and maintenance of an ISMS are intended to help companies ensure sustainable information security. Evaluating the effectiveness of your ISMS should serve

Do I absolutely need ISO 27001 certification? The most commonly cited reasons for ISO 27001 certification are obvious: protecting valuable data and improving a company’s trustworthiness. However, the costs of an ISO27001 project are sometimes not in proportion to the profits that can be achieved. So every managing director rightly asks himself: do I need