Conformance1

Tools for conforming to standards, goals and processes

Cybersecurity-ISO 27001

ISO 27001 certification: What happens in the certification audit?

Filed Under: Cybersecurity-ISO 27001

• ISO 27001 certification audits assess whether an organization’s Information Security Management System (ISMS) meets the standard’s requirements
• The process includes a two-stage audit (documentation review and implementation review), an optional readiness assessment, and post-audit monitoring
• Audits identify non-conformities, guide corrective actions, and support continual …

Implementing Technological Controls in ISO 27001

Filed Under: Cybersecurity-ISO 27001

• ISO/IEC 27001:2022 includes 93 controls, 34 of which are categorized as technological, aimed at protecting information systems and enhancing resilience
• Implementing these controls effectively requires risk assessment, contextual tailoring, and balancing security needs against usability and budget constraints
• Benefits include regulatory compliance, automation of security processes, and …

A Deep Dive into ISO 27001 Password Requirements

Filed Under: Cybersecurity-ISO 27001

ISO 27001 underscores the critical role of password management in safeguarding sensitive data and achieving a strong security posture. It encourages organizations to develop password policies emphasizing complexity, minimum character lengths, and multi-factor authentication while promoting regular reviews and updates to stay ahead of evolving threats. Shared accounts are …
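The policy elements the excerpt names (minimum length and complexity) only protect anything if an authentication service enforces them at the moment a password is set. The following Python is an added example written for this page, not code from the Conformance1 article or from ISO/IEC 27001: it encodes one such policy as a checker that returns every rule a candidate password breaks. It goes a little beyond the excerpt by also rejecting passwords that contain the account name and passwords found in a breached-password list. The thresholds (12 characters, three of four character classes, a cap on repeated characters), the account-name rule and the tiny breached list are assumptions chosen for illustration; the standard itself prescribes no numeric values.

```python
"""Password policy check of the kind an ISO 27001 password standard asks for.

Added illustrative example, not code from the Conformance1 article. The
thresholds and the breached-password list below are assumptions made for this
example, not values taken from ISO/IEC 27001.
"""
import hashlib
import re
from dataclasses import dataclass

# Constructed stand-in for a breached-password corpus. A real policy engine
# would check a large external list (for instance via a k-anonymity range
# lookup on the SHA-1 prefix) rather than a hard-coded set.
_BREACHED_PLAINTEXT = {"password123", "Welcome2024!", "Summer2023!!"}
BREACHED_SHA1 = {
    hashlib.sha1(p.encode("utf-8")).hexdigest().upper() for p in _BREACHED_PLAINTEXT
}

# One regex per character class; a password must draw from min_classes of them.
_CLASSES = {
    "lowercase": re.compile(r"[a-z]"),
    "uppercase": re.compile(r"[A-Z]"),
    "digit": re.compile(r"[0-9]"),
    "symbol": re.compile(r"[^A-Za-z0-9]"),
}


@dataclass(frozen=True)
class PasswordPolicy:
    min_length: int = 12
    min_classes: int = 3
    max_repeat: int = 3  # longest run of one repeated character allowed

    def violations(self, password: str, username: str = "") -> list[str]:
        """Return every policy rule the password breaks (empty list = compliant)."""
        problems: list[str] = []

        if len(password) < self.min_length:
            problems.append(f"shorter than {self.min_length} characters")

        present = [name for name, rx in _CLASSES.items() if rx.search(password)]
        if len(present) < self.min_classes:
            problems.append(
                f"uses {len(present)} character classes ({', '.join(present) or 'none'}), "
                f"policy requires {self.min_classes}"
            )

        if username and username.lower() in password.lower():
            problems.append("contains the account name")

        # (.)\1{N,} matches a character followed by N or more copies of itself,
        # i.e. a run longer than max_repeat.
        if re.search(rf"(.)\1{{{self.max_repeat},}}", password):
            problems.append(
                f"repeats one character more than {self.max_repeat} times in a row"
            )

        digest = hashlib.sha1(password.encode("utf-8")).hexdigest().upper()
        if digest in BREACHED_SHA1:
            problems.append("appears in a known breached-password list")

        return problems

    def is_compliant(self, password: str, username: str = "") -> bool:
        return not self.violations(password, username)


if __name__ == "__main__":
    policy = PasswordPolicy()
    samples = [("alice", "alice1234"), ("bob", "Welcome2024!"), ("carol", "Tr0ub4dor&3xample")]
    for user, pw in samples:
        print(user, policy.violations(pw, user) or "OK")
```

Returning the full list of violations rather than a bare pass/fail lets the front end tell the user what to change, and keeping the thresholds in a frozen dataclass means the policy can be reviewed and versioned as a document of its own, which is what an auditor will ask to see.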

Securing Non-Human Identities (NHIs) and ISO 27001 Compliance

Filed Under: Cybersecurity-ISO 27001

Securing non-human identities is a critical yet often overlooked aspect of ISO 27001 compliance. These identities, encompassing machine credentials such as API keys, service accounts, and IoT devices, facilitate automated processes and machine-to-machine interactions but also present security vulnerabilities due to their elevated access rights. Compromise of these identities …
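Before API keys and service-account credentials can be governed, they have to be found, and secrets embedded in configuration files are a common way a non-human identity escapes inventory and review. The following Python is an added example for this page, not code from the Conformance1 article: it scans configuration text for credentials using an exact format match (the AWS access key ID prefix) and a Shannon-entropy heuristic for opaque tokens, and reports each finding with a redacted value. The sample config is constructed (its AWS values are the placeholder credentials AWS uses in its own documentation, not live keys), and the 20-character minimum with 3.0 and 4.5 bits-per-character thresholds are assumptions modelled on early open-source secret scanners.

```python
"""Discover hard-coded machine credentials in configuration text.

Added illustrative example, not code from the Conformance1 article. The sample
config is constructed and the thresholds are assumptions, not rules from
ISO/IEC 27001.
"""
import math
import re
from collections import Counter
from typing import Optional

# Constructed sample config. The AWS values are AWS's documentation
# placeholders, not real credentials.
SAMPLE_CONFIG = """\
[service]
user = deploy-bot
aws_access_key_id = AKIAIOSFODNN7EXAMPLE
aws_secret_access_key = wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
log_level = debug
api_token = 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08
build_dir = /var/lib/ci/workspace/project-alpha/build
"""

# Credential formats with a fixed structure can be matched exactly.
KNOWN_FORMATS = {
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
}

# Fallback for opaque secrets: long values drawn from a narrow alphabet whose
# entropy is higher than prose, paths or hostnames normally reach.
HEX_VALUE = re.compile(r"^[0-9a-fA-F]{20,}$")
B64_VALUE = re.compile(r"^[A-Za-z0-9+/=]{20,}$")
HEX_THRESHOLD, B64_THRESHOLD = 3.0, 4.5  # bits per character (assumed)

ASSIGNMENT = re.compile(r"^\s*([A-Za-z_][\w.-]*)\s*[=:]\s*['\"]?([^'\"\s]+)")


def shannon_entropy(value: str) -> float:
    """Bits per character of the empirical symbol distribution in value."""
    n = len(value)
    return -sum(c / n * math.log2(c / n) for c in Counter(value).values())


def classify_value(value: str) -> Optional[str]:
    """Name the entropy rule a value trips, or None if it looks benign."""
    if HEX_VALUE.match(value) and shannon_entropy(value) > HEX_THRESHOLD:
        return "high-entropy-hex"
    if B64_VALUE.match(value) and shannon_entropy(value) > B64_THRESHOLD:
        return "high-entropy-base64"
    return None


def scan(text: str) -> list[dict]:
    """Return one finding per suspected credential: line, key, rule, redacted value."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        stripped = line.strip()
        if not stripped or stripped[0] in "#;[":
            continue  # comments and section headers carry no assignments
        m = ASSIGNMENT.match(line)
        if not m:
            continue
        key, value = m.groups()
        rule = next((name for name, rx in KNOWN_FORMATS.items() if rx.search(value)), None)
        if rule is None:
            rule = classify_value(value)
        if rule:
            findings.append({
                "line": lineno,
                "key": key,
                "rule": rule,
                "value": value[:4] + "…" + value[-2:],  # never log the full secret
            })
    return findings


if __name__ == "__main__":
    for f in scan(SAMPLE_CONFIG):
        print(f"line {f['line']}: {f['key']} looks like {f['rule']} ({f['value']})")
```

The two rules complement each other: the access key ID is too short and too repetitive to clear the entropy bar (about 3.7 bits per character), so only the format rule catches it, while the secret key and the hex token have no fixed prefix and are caught only by entropy. Requiring a narrow alphabet before applying the entropy test is what keeps paths and ordinary text, which sit near 4 bits per character over a wider alphabet, out of the findings. The redacted value in each finding keeps the scanner's own report from becoming a second place the credential is written down.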

How to Write an ISO 27001 Statement of Applicability

Filed Under: Cybersecurity-ISO 27001

The ISO 27001 Statement of Applicability (SoA) is a key document that outlines which of the 93 Annex A controls apply to your organization and why. It defines the scope of your information security management system (ISMS), helps set priorities for implementation, and provides a framework for internal and external audits. The SoA ensures your approach to information security …

Developing an ISO 27001 Information Security Policy

Filed Under: Cybersecurity-ISO 27001

Developing an ISO 27001 Information Security Policy is critical for organizations seeking to establish and maintain an effective ISMS. The policy is a high-level document outlining an organization's commitment to information security and provides a framework for protecting its data and assets. According to Clause 5.2 of ISO 27001:2022, top management must establish an …

Understanding ISO 27001 Key Performance Indicators (KPIs) and Their Benefits

Filed Under: Cybersecurity-ISO 27001

ISO 27001 certification provides organizations with a framework for establishing, implementing, and continually improving their Information Security Management System (ISMS). ISO 27001 Key Performance Indicators (KPIs) are crucial to measuring the effectiveness of an ISMS. These metrics provide insights into whether security objectives are being met and whether the system …

ISO 27001:2022 Unpacked: Embracing Auditing Themes (Podcast)

Filed Under: Cybersecurity-ISO 27001

In the 2022 revision of ISO 27001, there has been a notable shift from domain-based to theme-based auditing, a change intended to streamline the audit process and make it more conversational. This reorganization into broader themes gives auditors more flexibility to tailor audits to an organization's specific risks, technologies, and operations. According to David Forman, …

ISO 27001 vs. SOC 2: Differences and Similarities

Filed Under: Cybersecurity-ISO 27001

ISO 27001 and SOC 2 are two prominent frameworks in the cybersecurity compliance landscape, each offering unique approaches to information security process management. ISO 27001, developed by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC), focuses on establishing and maintaining an Information Security Management …

ISO 27001:2022 Controls Annex-A: All You Need To Know

Filed Under: Cybersecurity-ISO 27001

ISO 27001 provides a global standard for creating robust information security management systems (ISMS). Annex A of ISO/IEC 27001:2022 lists 93 controls grouped into four themes (organizational, people, physical and technological); the 2013 edition listed 114 controls across 14 domains. Organizations use these controls to manage security risks and achieve ISMS certification. An external certification body audits these controls to ensure the organization’s technology and processes are correctly …

Podcast: ISO 27001 – The Benefits of an Information Security Management System

Filed Under: Cybersecurity-ISO 27001

In this episode of The ISO Review Podcast, hosts Howard Fox and Jim Moran, who collectively boast 30 years of experience in ISO support, delve into the critical advantages of ISO 27001, particularly in light of a significant outage experienced by a major Canadian internet provider. They articulate how ISO 27001 certification could have mitigated such risks, safeguarded …

An In-Depth Guide to the 2022 Controls in ISO 27001

Filed Under: Cybersecurity-ISO 27001

In its 2022 update, ISO 27001 introduced eleven new controls to bolster defenses against the ever-evolving landscape of cybercrime. These controls underline the standard's commitment to maintaining a high level of resilience and ensuring the safety and trustworthiness of organizational operations. The new controls encompass a variety of areas crucial for the modern digital …

10 Best ISO 27001 Compliant Security Companies in 2024

Filed Under: Cybersecurity-ISO 27001

In the dynamic digital world of 2024, businesses increasingly rely on technology, making it paramount to protect sensitive data and uphold robust security protocols. The international standard ISO 27001 sets the benchmark for creating, implementing, maintaining, and continually improving an Information Security Management System (ISMS). Achieving ISO 27001 compliance is not …

Key strategies for ISO 27001 compliance adoption

Filed Under: Cybersecurity-ISO 27001

In an interview with Help Net Security, Robin Long of Kiowa Security shared key strategies for adopting ISO 27001 compliance, emphasizing the need for a detailed project roadmap and early booking of certification audits. Long advocates for prioritizing a limited number of security wins before fully implementing the standard and stresses the importance of selecting an internal …

How to Use ISO 27001 to Manage Cyber Attacks

Filed Under: Cybersecurity-ISO 27001

Points that will be covered during this episode and then discussed further in subsequent episodes include:
• A well-designed system requires that you identify potential sources of a security breach, mitigate them and provide a strong ongoing defense system for your information.
• An attack will happen: it’s not a case of ‘if’, it’s a matter of ‘when’.
• It’s virtually impossible to …

Top 10 ISO 27001 Compliance Challenges and Smart Fixes for Your Business

Filed Under: Cybersecurity, Cybersecurity-Documentation, Cybersecurity-ISO 27001, Cybersecurity-Management

SecureSlate's article addresses the critical challenges businesses face while complying with ISO 27001 standards. Recognizing the growing significance of digital security and the increasing rate of cyber incidents, the article emphasizes that ISO 27001 adoption is essential for businesses to protect data and comply with cybersecurity regulations. The article begins by …

ISO Standards in Documentation: Helpful or Hindering?

Filed Under: Cybersecurity-Documentation, Cybersecurity-ISO 27001, Cybersecurity-Management

Rachele Augusto's article, "ISO Standards in Documentation: Helpful or Hindering?" examines the evolving role of ISO standards in technical documentation. The report begins by tracing the history of ISO (International Organization for Standardization) standards in documentation, starting from the early 20th century. It notes the introduction of ISO 216 in 1975, which …

ISO 27001 vs. NIST Cybersecurity Framework: What’s the Difference?

Filed Under: Cybersecurity-ISO 27001, Cybersecurity-Management

The article provides a comprehensive comparison between two significant cybersecurity guidelines: ISO 27001 and the NIST Cybersecurity Framework (NIST CSF). While overlapping in some aspects, these frameworks have distinct approaches to enhancing information security. ISO 27001, developed by the International Organization for Standardization (ISO) and the International …

ISO releases a new version of ISO/IEC 27001

Filed Under: Cybersecurity-ISO 27001

ISO released a 2022 update to its information security management system standard, ISO/IEC 27001, alongside the revised controls guidance in ISO/IEC 27002:2022. As information security becomes a more prevalent concern, the new edition aims to give additional security oversight tools to companies seeking a better picture of existing risks and needed security actions. The main revisions appear in the information security controls, which reflect any …

Changes in the New ISO/IEC 27001 and ISO/IEC 27002

Filed Under: Cybersecurity-ISO 27001

ISO/IEC 27001 is under revision, and ISO/IEC 27002:2022 – Information Security, Cybersecurity And Privacy Protection – Information Security Controls has been released. The latest revision of ISO/IEC 27002 was published in February 2022, and ISO/IEC 27001 will follow shortly thereafter. The International Organization for Standardization (ISO)/International Electrotechnical …

Copyright © 2025 · Conformance1