by Andrea VanSeveren | Oct 13, 2021 | ISO 27001 Certification
Reading Time: 3 minutes
With most cybersecurity frameworks, such as SOC 2 or NIST 800-171, the emphasis is on the controls, with all organizations being obliged to implement the same “one size fits all” control set. Many companies seeking ISO 27001...
by Andrea VanSeveren | Oct 12, 2021 | ISO 27001 Certification
Reading Time: 2 minutes
Organizations that are pursuing ISO 27001 certification often think that the standard is all about the controls. When you’ve implemented and documented all 114 controls in ISO 27001’s Annex A, you’re good-to-go for your certification...
by Andrea VanSeveren | Oct 11, 2021 | ISO 27001 Certification
Reading Time: 3 minutes
If your company is working towards ISO 27001 certification, you may be laser-focused on achieving that goal, and perhaps not worrying about what other cybersecurity and privacy efforts might need to come later. But with a little...
by John Verry | Oct 7, 2021 | Cybersecurity Maturity Model Certification (CMMC)
Reading Time: 2 minutes
A lot of DIB members are anxiously awaiting the results of the DoD’s review of CMMC. The guidance that I have been giving our clients is that the review is less likely to impact you than the C3PAOs. My argument is simple: the...
by Andrea VanSeveren | Oct 6, 2021 | ISO 27001 Certification
Reading Time: 3 minutes
Most organizations pursue ISO 27001 certification because they are under pressure from clients, regulators and/or investors to prove they can protect sensitive data. Often, there’s time pressure as well. Deals may be on the line. So...
