Tips for ISO27001 certification

More information about ISO27001 is available on our website. 5 tips – for Risk Assessments Read – yes, actually read – the parts of the standard that refer to risk assessment Make sure you cover *everything* the standard expects for risk assessment ‘define and apply….process’ – document the process all risks must have an owner… Read More

Navigating the ‘new normal’ – take opportunities, manage risks

COVID19 has meant changes to how we live and work. Organisations of all sizes must now adapt to the ‘new normal’ to survive and grow. Some changes will be positive – why didn’t we do this before! – while others will unfortunately have a negative impact. Organisations that think about what could be done in… Read More

Highlights from our work in 2019

2019 was the year when we worked in more business sectors to help with Information and Cyber Security and data protection requirements. ISO27001 Helped 3 SMEs get ISO27001 certification Worked with 4 organisations on their ISO27001 Surveillance programmes. This included updating of risk assessments, doing internal audits and running desktop tests of business continuity plans… Read More

So tell me….who owns this risk?

Recent experience of helping new clients develop information asset based risk management processes has given me more insight into the area of who REALLY owns risks (and opportunities). Most of the work I have been doing is in the context of a risk process aligned with ISO27001 requirements, but some risk assessments had very specific… Read More