ISO 27001 A.18.1.1: How to satisfy Legal, Regulatory, Contractual, and other requirements

From an information security management point of view, complying with the required laws, regulations and contractual obligations can be as much of a challenge as dealing with the ever-evolving threat landscape and new forms of attacks.  What many organizations fail to understand is that both are equally important. Mandatory requirements can come in the form Read more…

Top 7 Ways GDPR Affects Your Organization

If there is one thing the last couple years have made clear, it is the lack of respect towards personal data privacy. From companies with inadequate security controls leading to improper management of sensitive information to businesses making a profit by selling clients’ information and even government agencies that like to play big brother. At Read more…

How to Manage the 2016 SOC 2 Content Update

In our ever changing technological and corporate environment, it is only natural for standards and best practices to receive regular updates that try to both accommodate corrections and improvements. That is what just recently happened to the American Institute of Certified Public Accountants criteria for the Trust Services Principles (TSP) by releasing a SOC 2 Content Read more…

How to Maintain ISO 27001 Certification

As old the saying goes no good deed goes unpunished, and some may feel that goes with the aftermath of a successful ISO 27001 certification project. With your organization now certified, you might feel you could breathe a sigh of relief and take a long well-deserved vacation. Your ongoing effort to maintain your ISMS during Read more…

Six Features to Consider When Evaluating GRC Platforms

Governance, Risk, and Compliance (GRC) is increasingly becoming a more integral part of most businesses, especially with mandates of risk analysis and information security integration within all aspects of business processes. Most organizations have regulatory, contractual or legal requirements obligations, and complying with these may seem like a daunting task to manage, and it can Read more…