Blog ISO 27001
Interview with ISO 27001 audit expert Philip Ku
Philip Ku is an international information security and audit expert. He is a certified lead auditor for ISO 27001 information security and also for related standards and trains auditors worldwide, including in The Netherlands. We interviewed Philip to understand how he became an expert and what he sees as new trends in information security.
Sieuwert van Otterloo
What documentation do you need for ISO 27001?
If you want an external auditor to certify your information security management system, you need to store documentation of for all elements in your policy. To make audits to go swiftly and smoothly, you should store all documented information in one easy-to-access place. In this post we provide an overview of what information needs to be stored and…
Sieuwert van Otterloo
ISO 27001 Lead Auditor training November 20-23
It is important and often mandatory for organisation with a security policy to provide the right training to all key roles involved in information security and privacy. One key role in security policies is internal auditor, and we recommend the ISO 27001 lead auditor course for anyone involved in the internal audit programme. This is…
Floris van den Broek
All candidates pass the ISO 27001 lead auditor exam
Congratulation to the candidates of our recent ISO 27001 lead auditor course. All candidates (Jan-Jasper, Joost, Floris, Sieuwert) that participate in this five day course have passed the exam. They can now call themselves IRCA certified information security auditors and are well equipped for key roles in information security teams.
Sieuwert van Otterloo
Information security and PDCA (Plan-Do-Check-Act)
Standards such as ISO 27001 require you to use a method for continuous improvement in your information security policy. PDCA or Plan-Do-Check-Act is the preferred method for most information security teams and we recommend you to use this method, described in this article.
Sieuwert van Otterloo