Volg ICTI

Blog management

Register of suppliers – free template

Suppliers come in all shapes and sizes: utilities, cloud platforms, office facilities, email providers, equipment maintenance, accountants, freelancers, PEN-testers and last but not least, information security consultants like ICT Institute. Your relationship with them should include information security considerations. The security requirements for suppliers depends on the service or product they provide. Your outsourced HR…

Sieuwert van Otterloo

ISO27002:2022 explained – Technological controls

In this article, we explain the new ISO 27002:2022 chapter 8 – Technological controls. This covers the controls required to set up and maintain secure technological systems, particularly focusing on secure systems, development and code management. This is the last article in a series of four, each article covering one chapter: organization controls (chapter 5)…

Suzanne Atkins

A checklist for improving IT project schedules

With ICT Institute we visit a dozen software teams every quarter, in order to review their work and help them improve their project plan. About half the teams work in an agile fashion, the other half are using traditional project management. Most teams, luckily, are functioning well and are delivering value. Many teams are however behind schedule. They have underestimated…

Sieuwert van Otterloo

Financial project analysis with NPV

Reducing a software project to a financial number like NPV and IRR might seem like a shallow way to look at a project, and thus not agile. It turns out however that such a financial analysis can be very helpful to find out what a project really is about. This year we added portfolio management…

Sieuwert van Otterloo

A basic risk management method for information security

One of the requirements for good information security is to have a method for risk identification and assessment. This article describes one simple and practical method that can be used by any organisation.

Sieuwert van Otterloo