Blog 27001

ISO27002 and Statement of Applicability explained

This article describes the set of controls from ISO 27001:2013. There is a new version of the standard, ISO 27001:2022, with a new set of controls. Please check the following articles to learn about these controls: A5 organisational controls, A6 people controls, A7 physical controls, A8 technological controls. What is ISO27002? One of the most…

Joost Krapels

A summary of ISO 27001 requirements for information security

ISO/IEC 27001 is an official standard for the information security of organisations. Regrettably, the standard is not freely available, making it harder than necessary to look up what is actually required by ISO 27001. This has led to some misconceptions. While we still recommend reading the full standard, we decided to create a good summary to…

Sieuwert van Otterloo

Four password policy rules that lead to better cyber security

A good password policy is one of the simplest and most important security measures one can take. In this article we describe the four rules that any company should include in its security policy, especially if it wants to comply with the ISO 27001 standard.

Sieuwert van Otterloo

Getting started with information security

Many organisations find it challenging to implement a full information security policy, because it affects all departments and many business aspects. The best approach in our view is to just get started, with a small team, interactive workshops and concrete steps. Once the team is up and running, you use continuous improvement to complete your approach, document…

Sieuwert van Otterloo