by Henrik Schouboe | Dec 6, 2014 | Blog
I guess most people would say yes, but I am sorry, as everyone knows there is no such thing as a free lunch. In reality there is also no such thing as 100% information security, or at least I am not sure you actually want that with the associated implications for your...
by Henrik Schouboe | Nov 30, 2014 | Blog
The most common obstacle we meet when helping clients with their ISO 27001 projects (or any ISO project for that matter…or, come to think of it, any internal change/improvement project) is Business As Usual (BAU). It basically means, that people and organisations have...
by Henrik Schouboe | Oct 9, 2014 | Blog
The annual Ponemon research study is out now and (I guess) unsurprisingly Cyber Crime continues to be on the rise. The study finds that organisations are seeing more attacks and the cost of these attacks continues to increase. In 2013 there was 1.4 successful attacks...
by Henrik Schouboe | Sep 30, 2014 | Blog
ISO 27001 and risk management. I really like the fact, that ISO 27001 is based on risk assessment, and I guess I am not the only one, since the next version of ISO 9001 will also introduce risk management to replace preventive action, and there will be a focus on risk...
by Henrik Schouboe | Sep 24, 2014 | Blog
Part of running an effective ISO 27001 Information Security Management System (ISMS) is to run an effective internal audit programme. The purpose of the audit programme is make sure, that the ISMS conforms to your own requirements as well as the requirements of the...