What is ISO27001 in the UK?

By |2024-02-23T13:12:18+00:00November 9th, 2023|ISO27001 Implementation|

What is ISO27001 in the UK? ISO27001 is the international standard (ISO) for Information Security Management Systems (ISMS). ISO 27001 has become one of the most widely adopted international standards for managing information security. It outlines the requirements for establishing, implementing, maintaining and continually improving an Information Security Management System (ISMS). An Information Security Management System does what is says on the tin. It is designed to protect business information and ensure the Confidentiality, Integrity and Availability of business information. Confidentiality, Integrity and Availability are the [...]

Read More
 0

Why are internal Audits important for ISO27001 Certification?

By |2024-02-23T13:07:02+00:00June 12th, 2023|Internal Audit, ISO27001 Certification, ISO27001 Implementation|

Why are internal Audits important for ISO27001 Certification? Internal audits are important for evaluating an organisation's compliance with ISO 27001 requirements and ensuring that the established security controls are effectively implemented. The internal audits happen throughout the year between surveillance audits with the external certification body. The aim on the internal audits is to ensure that your information security management system continues to work effectively and in line with the ISO27001 Standard. It’s a good idea to have the internal audits spread throughout the year as [...]

Read More
 0

Let’s talk policies and procedures

By |2024-02-23T13:10:31+00:00May 7th, 2022|ISO27001 Implementation, policies and procedures|

Let’s talk policies and procedures I often get asked why organisations should bother with policies and procedures. My response is that it creates a uniform structure by which the organisation works, saving time and resources. For larger organisations it shows a fairness in the way it operates as everyone has the same procedure to follow. What usually goes wrong is that the person writing the policy struggles to be able to put into words what needs to happen. Believe me, we have seen some policies which [...]

Read More
 0

ISO27001 Implementation – Daunting isn’t it?

By |2024-02-23T13:11:27+00:00March 7th, 2022|ISO27001 Implementation|

One of the first questions we get asked is "What does ISO27001 require us to do as an organisation in order to get certification?". We have had a number of clients who have been told they need to get ISO27001 certified so that a particular client will continue to work with them. When you first start looking at ISO27001, there are a number of elements to it, all of which appear to need completing at the same time. There is also specific terminology used as part [...]

Read More
 0

© Copyright | All Rights Reserved | Audit & Risk Professionals Llp | Registered in England and Wales, Company Number: OC393687. Registered Address: 2 Masefield Ave, Borehamwood, HERTS, WD6 2HQ | Privacy Policy |

Go to Top