Author Archives: admin

Regulation of cryptographic controls in ISO 27001

What does regulation of cryptographic controls in ISO 27001 mean? The standard talks of the use of cryptographic controls in accordance with relevant laws, legislation and regulations. ...

Quantitative vs Qualitative Risk Assessment: Pros and Cons

When deciding on a risk assessment methodology, one question that usually pops up is: quantitative vs qualitative risk assessments – what is the difference between each? Which ...

What is RAID storage and why is it used?

When looking into computer storage at a low level, one term that often comes up is RAID storage, and the standard RAID levels. But what is RAID storage and why is it used? In this article, ...

ISO 27001 Internal Audit Checklist

If you are new to ISO 27001, and ISO standards in general, then internal audit may be an area where you have several questions. For example, how regularly should we be auditing the ...

Is ISO 27001 certification worth it?

As part of a series of frequently asked questions, we look at the classic – “is ISO 27001 certification worth it?” In order to answer this question, organisations ...

Measuring ISO 27001 ISMS Processes: A 5 Step Guide

Monitoring, measurement, analysis and evaluation of the ISMS is a requirement of ISO 27001:2013 that many organisations can become stuck on. The standard requires the organisation ...

Information Security Objectives in ISO 27001

What are information security objectives in ISO 27001? Who should define these? And why are they important? These are some of the common questions we are asked and attempt to answer ...

Leadership and Commitment in ISO 27001

Leadership and Commitment in ISO 27001 is a relatively new control, situated under clause 5.1 of the system requirements. This article explores what is meant by leadership and commitment ...

What is the difference between non conformance report and corrective action report in ISO 27001?

ISO 27001:2013 defines the requirement for organisations to actively identify a non-conformity and conduct corrective action. But what is the difference between non conformance report ...

How does SSL work with HTTPS?

One question we are often asked with regard to cryptographic controls is how does SSL work with HTTPS? And as we are using HTTPS to secure our data in transit, how do we describe this ...
© 2018 ISO27001 Guide. All rights reserved.