Blog template
ISO 27001 controls for security and business continuity
Disruptions in IT and business operations are not a question of “if” but “when”, as shown last year during the CrowdStrike massive outage. Disruptions include infrastructure failure, cyberattacks such as ransomware, even natural disasters but, more often, human error. For these reasons, the ISO 27001 2022 standard includes two important controls related to information security…
Pavlo Burda
Privacy statement generators: a comparison
All organizations processing personal data, even the ones without an in-house privacy expert, are required to disclose information on this processing. Most organizations do this through a privacy statement on their website. Several websites offer a free privacy statement generator, but do these actually produce valid privacy statements? In this article, we summarize the research…
Joost Krapels
Register of suppliers – free template
Suppliers come in all shapes and sizes: utilities, cloud platforms, office facilities, email providers, equipment maintenance, accountants, freelancers, PEN-testers and last but not least, information security consultants like ICT Institute. Your relationship with them should include information security considerations. The security requirements for suppliers depends on the service or product they provide. Your outsourced HR…
Sieuwert van Otterloo
GDPR template joint controllership agreement
When two companies process personal data together in an equal relationship, they must sign a join controllership agreement, We made a free template for such an agreement.
Sieuwert van Otterloo
Changes in CISSP: 2021 versus 2018
In April 2020, we wrote an article on the then current 2018 version of the Certified Information Systems Security Professional (CISSP) Body of Knowledge and provided a free study template. Technology evolves in a rapid pace, and with that the risks to an organisation’s information assets. The capabilities of and tools available to malicious actors…
Joost Krapels