Category: ISO 27001

(ISO/IEC 27001:2022 and ISO/IEC 27002:2022) Written by Kiran Murthy & Eishu Richariya II Recently a publication notice was released regarding the ISO 27001 and ISO 27002 changes in 2022, which states that, “all organizations having an ISO 27001:2013 (ISMS) will be required to map and update their controls in place in accordance with the new recommendations […]

(ISO/IEC 27001:2022 and ISO/IEC 27002:2022) Written by Kiran Murthy & Tathagat Katiyar II ISO 27001 – A Framework for Information Security Management Systems ISO 27001 is an ISMS (Information security management system) standard that emphasizes a risk-based approach to the management of people, processes, and technological controls. The standard’s structured nature to auditing people and […]

Today’s world is an ever-changing scenario with changes to the technology sector happening more frequently than ever due to emerging technologies. The case is quite similar in the field of Cyber Security. There are a few industry-acclaimed cybersecurity standards for governing the processes and execution of these standards. These standards are usually built upon a […]

A risk management program allows you to manage overall information security risk.  It is an approach to identify, quantify, mitigate, and monitor risks.  The reason to look at risk in a comprehensive manner is to make sure no one area is getting too much attention or, too little. Frameworks also help you identify the bigger […]