Posts

Security Clauses to use for Supplier agreements

ISO 27001 Certification not only helps protect a business, it also sends a clear signal to customers, suppliers, and the marketplace that your organization is able to handle information securely. It helps you protect information such as financial data, intellectual property or sensitive customer information, identify risks, and put in place security measures that are right for the business, so that you can manage or reduce those risks. It helps you to continually review and refine the way you do this, not only for today but also for the future. International Standards were drafted in accordance with the rules given in the ISO Directives, and the joint technical committee prepares them. A revised version was drafted and adopted in 2013, which is presently the globally accepted ISO 27001 standard. Taking into consideration the intricate aspects of information security, the standard clarifies the prescribed activities expected to be carried out under

6 Basic steps in ISO 27001 Risk Assessment and Treatment

ISO 27001 Certification is a specification for an Information Security Management System (ISMS). An ISMS is part of the overall management system, based on a business risk approach, to establish, implement, operate, monitor, review, maintain and improve information security. The management system includes organizational structure, policies, planning activities, responsibilities, practices, procedures, processes and resources. Risk assessment is the major and important part at the beginning of an Information Security Management System. It is the overall process of risk identification, risk analysis and risk evaluation. Risk analysis is the process of understanding the nature of a risk and determining its level. It includes risk estimation and provides the basis for risk evaluation and for decisions about risk treatment. The organization's risk assessor will recognize the risks and hazards that the organization is facing and lead a risk assessment. The risk as