Blog ISO

A summary of ISO 27001 requirements for information security

ISO / IEC 27001 is an official standard for the information security of organisations. Regrettably the standard is not freely available, making it harder than necessary to look up what is actually required by ISO 27001. This has led to some misconceptions. While we still recommend you to read the full standard, we decided to create a good summary to…

Sieuwert van Otterloo 28 February 2017

Getting started with information security

Many organisations find it challenging to implement a full information security policy, because it affects all departments and many business aspects. The best approach in our view is to just get started, with a small team, interactive workshops and concrete steps. Once the team is up and running, you use continuous improvement to complete your approach, document…

Sieuwert van Otterloo 20 July 2016