The ISO 27001 norm is all about securing important data for your organization. A key part of the norm is setting up an ISO 27001 data retention policy. This policy will help you to control how your data is handled, stored, and disposed of — with the main goal of keeping it protected throughout its […]
SOC 2 vs ISO 27001: the main differences
Learn all about the differences between two major information security norms: SOC 2 and ISO 27001. We’ll discuss: Ready? Let’s dive right in. What is ISO 27001? ISO 27001 is the most well-known information security standard out there, worldwide. It’s considered the international standard for managing information security. It provides a framework for establishing, implementing, […]
ISO 9001 vs ISO 27001: what are the key differences?
If you’re new to the world of compliance, all the different ISO standards can be confusing. There are multiple ISO regulations and they all serve a different purpose. The biggest two ISO norms are 9001 and 27001. We often get the question of what the differences are between these two regulations. In this article, we’ll tell […]
An introduction to ISO 27001 change management
Every organization has one constant factor in common: change. An organization always undergoes a transformation, whether it’s slow or fast. People come and go, new technologies are adopted, and processes are updated. It’s the only way to keep up with a changing world. But with change often comes risk. That’s why the ISO 27001 norm […]
ISO 27001 vs. HIPAA: the key differences
If you’re new to compliance regulations, all the different terms being thrown around can be puzzling. One of the questions we often get is: I hear about ISO 27001 and HIPAA, but what are the differences? And more importantly, which one should my organization comply with? If you’ve asked yourself those questions too, you’ve come to […]
An introduction to ISO 27001 vulnerability management
Vulnerability management is a key part of the ISO 27001 norm. The goal is to continuously identify and mitigate any vulnerability within your information security. This helps you to keep your valuable data safe. In this article, you’ll learn the basics of ISO 27001 vulnerability management. What is ISO 27001 vulnerability management? Vulnerability management is […]
An introduction to ISO 27001 penetration testing
Penetration testing is considered an essential part of the ISO 27001 norm. Not because it’s an official requirement, but because it’s simply the best way to test if your security controls are truly effective. If you’re new to this topic, you’ve come to the right place. In this article, you’ll learn all about ISO 27001 penetration […]
What is an ISO 27001 gap analysis?
When you want your organization to get an ISO 27001 certification, you’ll need to do an ISO 27001 gap analysis at some point in the process. But what is that exactly and what does the process look like? What is an ISO 27001 gap analysis? A gap analysis is like a reality check. It helps […]
ISO 27001 secure file collaboration: best practices
File sharing is a daily practice for many professionals across organizations. With all the cyber threats of today, this comes with a lot of risks for the safety of your data and compliance. Think about it, how many files do you send per day? And how sure are you that this is happening in a completely […]
How to successfully perform an ISO 27001 risk assessment
Every organization has information that they can’t risk ending up in the wrong hands. With an ISO 27001 risk assessment, an organization can establish which incidents may happen and how likely they are to happen. Next, they can figure out how to avoid those incidents and how to act once they occur. Why is an […]