How to create an information security policy for ISO 27001

What is an information security policy for ISO 27001? Your company’s information security policy is the driving force for the requirements of your information security management system (ISMS). The policy needs to capture board requirements and organisational reality, and meet the requirements of the ISO 27001 standard if you’re looking ...

Who is a data protection officer under the GDPR?

From 25 May the General Data Protection Regulation (GDPR) applies to all organisations that process EU residents’ personal data. As part of your compliance project, it’s important to understand the role of the data protection officer (DPO).

The DPO’s role

A DPO can help you address the GDPR’s compliance demands ...

Identifying interested parties and their expectations for an ISO 27001 ISMS

There are many reasons for implementing an information security management system (ISMS), and identifying and understanding interested parties is crucial for an organisation to develop its information security. What is an ISMS? A system of processes, people and technology that helps to manage, monitor and improve your organisation’s information security, ...