In short, ISO 27001 is the standard for implementing an Information Security Management System (ISMS) that companies are certified against. It details what organisations must implement in order to have an ISMS that meets the requirements of ISO 27001. To broadly...
At Dionach we often get asked what documentation is required for ISO 27001. Beyond the obvious information security policy, there are quite a few policies and procedures that are required in various sections of the standard. For the most part we find that some...
A new version of the standard, ISO 27001:2013, was published on the 25th of September 2013. The new version replaces the older version, ISO 27001:2005. There will be a transition period for organisations to align their ISMS with the new standard and become certified...
The Gambling Commission requires that remote gambling licence holders get annual ISO 27001 security audits done. This needs to cover a specific subset of ISO 27001 controls, which are listed in section five of the Remote Gambling and Software Technical Standards...
There is an update to ISO 27001 planned for 2013, in which the management system standards will be harmonised, the Plan-Do-Check-Act model will be dropped, etc. I went to the UK User Group Consultation at BSI on 25th January. This allowed the attendees to get an overview of...