Blog iso27001
ISO27002 explained, part 2
The article is part two of a series of four articles. The article series briefly explain each control that is mentioned in the ISO 27001 statement of applicability. The explanation is based on ISO 27002. —————–Article 1—————– Information Security Policies A5 Organization of Information Security A6 Human Resource Security A7 Asset Management A8 —————–Article 2—————-…
Joost Krapels ISO27002 explained, part 3
The article is part three of a series of four articles explaining ISO 27002 and the ISO 27001 statement of applicability. The article series briefly explain each control that is mentioned in these standards. The explanation is based on ISO 27002. —————–Article 1—————– Information Security Policies A5 Organization of Information Security A6 Human Resource Security…
Joost Krapels ISO27002 explained, part 4
The article is part four of a series of four articles explaining ISO 27002 and the ISO 27001 statement of applicability. The article series briefly explain each control that is mentioned in these standards. The explanation is based on ISO 27002. —————–Article 1—————– Information Security Policies A5 Organization of Information Security A6 Human Resource Security…
Joost Krapels
Four password policy rules that lead to better cyber security
A good password policy is one of the simplest and most important security measures one can take. In this article we describe the four rules that any company should include in their security policy, especially if they want to comply to the ISO 27001 standard.
Sieuwert van Otterloo
Getting started with information security
Many organisations find it challenging to implement a full information security policy, because it affects all departments and many business aspects. The best approach in our view is to just get started, with a small team, interactive workshops and concrete steps. Once the team is up and running, you use continuous improvement to complete your approach, document…
Sieuwert van Otterloo