Blog
Risiko365 now provides support for ISO 27001:2022
Risiko365 is the tool for ISO 27001 risk management. ISO 27001 is expected to come out in a new version in 2022. The update will see significant changes to the Annex A controls. In preparation for the new version of the ISO 27001:2022 standard, Risiko365 has...
Risiko365
Risiko365 is an app that will help you manage your Information Security Management System (ISMS). It will help you get ISO 27001 certified - and stay certified. The app consists of 4 modules: the Risk module, where you would manage all your risks; the Incident &...
SOC2 Reports – What are they?
SOC1 vs SOC2 Report: Let's start by looking at the differences between SOC2 and SOC1 reports. A SOC1 report falls under the Statement on Standards for Attestation Engagements (SSAE) 18 or ISAE3402. The SOC1 report focuses on a service organization’s controls that are...
Internal Audit
What is Internal Audit? Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization's operations (see Wikipedia). Effective Internal Audit: Part of running a successful ISO 27001 Information Security...
ISO 27001 certification
Are you considering obtaining ISO 27001 certification or have you already decided to obtain ISO 27001 certification? This might be a consideration because you have clients that request ISO 27001 certification, you might want to cut down the time it takes to complete...
ISO 27001 App for SharePoint (Risiko365)
Would you like to have a tool that can help you run some of the critical processes in your information security management system (ISMS) or in your quality management system (QMS)? A tool that is run from the cloud and hence can enable your team to collaborate? A tool...
Information Security and HR
Information Security and HR - How should HR play a role in Information Security? HR has a very important role to play when it comes to information security. Contrary to common belief, responsibility for information security does not rest solely with IT. Of course, IT...
GDPR Certification
GDPR Certification. Is that possible? Well it is now. The British Standard BS10012 2017 provides a specification for a personal information management system (PIMS) and if you implement this you would also be able to get a 3rd party certification body, such as BSI for...
GDPR and why encryption is important?
GDPR and why encryption is important? Encryption is like backup. Everyone agrees that it is the right thing to do, but still some will do it, and some will not. With backup, it is a no-brainer – you should back up (often, regularly and keep copies off site based on a...
Continued growth in ISO 27001 certifications worldwide
Growth in ISO 27001 certifications is reported. The International Standards Organisation (ISO) reports a 21% rise in ISO 27001 certifications worldwide. ISO and IEC’s standard for information security, ISO/IEC 27001 saw a 21% increase to 33,290 certificates worldwide....