by Richard Barrus | Oct 1, 2021 | ISO 27001 Certification
ISO 27001 certification is a significant undertaking that impacts many areas of your business. You want to be aligned with best practices from the outset. In our ISO 27001-as-a-Service business, we find that many clients start out...
by Richard Barrus | Sep 30, 2021 | ISO 27001 Certification
In our ISO 27001-as-a-Service practice, we encounter a lot of misconceptions that can cause organizations to stumble on their path to ISO 27001 certification. One of these is the widely held view that the ISO 27001 framework, like...
by Richard Barrus | Sep 28, 2021 | ISO 27001 Certification
In the ISO 27001 framework, the most important element is scope. But because ISO 27001 isn’t as prescriptive as some other cybersecurity frameworks, like SOC 2 or CMMC, people often think that an organization can arbitrarily define...
by Richard Barrus | Sep 27, 2021 | ISO 27001 Certification
In our ISO 27001-as-a-Service practice, the single most common mistake we see with organizations prepping for ISO 27001 certification is starting off with a gap assessment. At face value, starting with a gap assessment would seem to...
by John Verry | May 18, 2021 | ISMS Consulting
Part of my day job is acting as Pivot Point Security’s CISO. In that role, I have participated in our ISO 27001 ISMS Internal Audit and our Registrar’s Surveillance Audit over the last two weeks. In the initial meeting, I always say...