by John Verry | Jun 11, 2013 | ISO 27001 Certification
Reading Time: 2 minutes
A common misconception is that an organization can choose to get certified to the ISO 27002 standard. I’ve noticed that this misconception is more prevalent with long-time information security practitioners, who understand that ISO...
by John Verry | Jun 27, 2012 | ISO 27001 Certification
Reading Time: 2 minutes
Our Ethical Hacker Roundup last week included a blurb on stricter laws to protect patient health information (PHI) in Health Information Exchanges (HIEs). That led me to download and read the new ISO-27010 Standard (Information...
by Scott | Nov 2, 2011 | ISMS Consulting
Reading Time: < 1 minute
During a recent discussion, a customer asked John Verry what the differences are between an ISO 27002 Gap Assessment and a BITS Shared Assessment. As usual, we decided to educate our blog readers with the answer to that question. ISO 27002...
by John Verry | Sep 5, 2011 | ISO 27001 Certification
Reading Time: 2 minutes
A colleague asked me about my opinion on the differences between HITRUST Certification and ISO 27001 Certification. More specifically, he asked three very important questions. I decided to share my thoughts and reply on the blog...
by John Verry | Mar 17, 2011 | ISO 27001 Certification
Reading Time: 2 minutes
The phrase “Small Is Beautiful” is widely credited to British economist E. F. Schumacher. It has evolved to champion small, enabling and empowering approaches, in contrast with phrases such as “bigger is...