Who wants 100% information security and a free lunch?

I guess most people would say yes, but I am sorry, as everyone knows there is no such thing as a free lunch. In reality there is also no such thing as 100% information security, or at least I am not sure you actually want that with the associated implications for your...

ISO 27001 and Risk Management

ISO 27001 and risk management. I really like the fact, that ISO 27001 is based on risk assessment, and I guess I am not the only one, since the next version of ISO 9001 will also introduce risk management to replace preventive action, and there will be a focus on risk...

ISO 27001 Internal Audit

Part of running an effective ISO 27001 Information Security Management System (ISMS) is to run an effective internal audit programme. The purpose of the audit programme is make sure, that the ISMS conforms to your own requirements as well as the requirements of the...