Blog information

ISO27002 and Statement of Applicability explained
This article describes the set of controls from ISO 27001:2013. There is a new version of the standard, ISO 27001:2022 with a new set of controls. Please check the following articles to learn about these controls: A5 organisational controls A6 people controls A7 physical controls A8 technological controles What is ISO27002? One of the most…
Joost Krapels
ISO27002 explained, part 4
This article describes the set of controls from ISO 27001:2013. There is a new version of the standard, ISO 27001:2022 with a new set of controls. Please check the following articles to learn about these controls: A5 organisational controls A6 people controls A7 physical controls A8 technological controls The article is part four of a…
Joost Krapels
ISO 27001 Lead Auditor training November 20-23
It is important and often mandatory for organisation with a security policy to provide the right training to all key roles involved in information security and privacy. One key role in security policies is internal auditor, and we recommend the ISO 27001 lead auditor course for anyone involved in the internal audit programme. This is…
Floris van den Broek
All candidates pass the ISO 27001 lead auditor exam
Congratulation to the candidates of our recent ISO 27001 lead auditor course. All candidates (Jan-Jasper, Joost, Floris, Sieuwert) that participate in this five day course have passed the exam. They can now call themselves IRCA certified information security auditors and are well equipped for key roles in information security teams.
Sieuwert van Otterloo
Information security – Cryptographic controls policy example
Using cryptographic controls such as encryption can help with information security, but only if it is applied correctly. To make sure it is used in the right way, it is recommended by standards such as ISO 27002 have a data encryption policy. In this article we share the ICT Institute data encryption policy, that is…
Sieuwert van Otterloo