November 19, 2014 Should all applicable controls be mentioned in documenting an ISMS? In my very first job we were told, repeatedly told, to document everything and keep our personal journals up to date. Not just with…
August 9, 2012 How to build an asset inventory for 27001 How do you know WHAT assets are to be included in the ISO-27K Asset Inventory? This question and variants of the “What are assets…
July 2, 2012 Tight budgets no excuse for SMBs’ poor security readiness http://www.zdnet.com/tight-budgets-no-excuse-for-smbs-poor-security-readiness-2062305005/ From the left hand doesn’t know what the right hands is doing department: Ngair Teow Hin, CEO of SecureAge, noted that smaller companies…
August 24, 2011 The real reasons for documentation – and how much he documentation required and/or needed by ISO-2700x is a perenial source of dispute in the various forums I subscribe to. Of course management has…