by Andrew Frost | Feb 5, 2020 | ISO 27001 Certification
Reading Time: 2 minutes
I regularly perform internal Information Security Management System (ISMS) ISO 27001 audits for our clients. These internal audits provide management with assurance that the ISMS is effectively implemented and maintained. They also... by Eddie Taliaferro | Nov 5, 2019 | ISO 27001 Certification
Reading Time: 2 minutes
Organizations seeking ISO 27001 certification sometimes choose to “err on the side of caution” and document “everything.” Usually this is because they don’t have a solid understanding of what ISO 27001 actually requires them to... by Andrew Frost | Oct 30, 2019 | ISO 27001 Certification
Reading Time: 2 minutes
Meghan Trainor was on to something… those are the lyrics to that song, right? Last week one of my clients got a little frantic about the scope of his company’s ISO 27001 engagement. They’re a SaaS vendor and he was stuck on the idea... by John Verry | Oct 4, 2019 | ISO 27001 Certification
Reading Time: 3 minutes
Recently I joined a vCISO call with one of our SaaS clients. They are considering ISO 27001 certification and immediately presented us with the question: “Do we need AlienVault (now called AT&T Cybersecurity) to be ISO 27001... by Andrew Frost | Sep 27, 2019 | ISO 27001 Certification
Reading Time: 3 minutes
One of the mainstays of an ISO 27001 Information Security Management System (ISMS) is document, document, document. To do that, we develop auditable artifacts; and let’s face it, there are many. So why create another artifact that... by Eddie Taliaferro | Sep 16, 2019 | ISO 27001 Certification
Reading Time: 2 minutes
Recently I conducted a surveillance audit for a SaaS provider that has been ISO 27001 certified for over three years. I logged five nonconformities… so something was off. Their information security program wasn’t moving forward as it...
