Tag: ISO 27001

Audit Blog

How to Provide Audit Evidence

So, you’ve been tasked with providing evidence for an audit. You may be wondering what your auditor is even looking for. Let’s take a look behind the scenes at why the auditor is asking for certain things, and how you can provide audit evidence to make your life (and your

Risk Assessment Blog

How to Perform a Risk Assessment (Part 2)

After you perform a risk assessment, what do you do with the results? Find out the answers to that and other common risk assessment questions in part 2 of this series! If you want to learn how to perform a risk assessment, check out part 1 of the blog here. How

Risk Assessment Blog

How to Perform a Risk Assessment (Part 1)

How do you perform a risk assessment, and what do you do with the results? Find answers to some common risk assessment questions in Part 1 of our two-part series! Why should you perform a risk assessment? Performing risk assessments regularly is a fundamental requirement of most security frameworks. A

Business Continuity

Maintaining A Compliant Business Continuity Environment

Do your business continuity plans account for your company’s compliance and regulatory requirements? For many, the answer to that question is “no”, an unfortunate reality encountered by companies across the globe in the past year. 2020 has been a year of growth and discovery in the world of business resiliency.

Improving Your ISMS

Improving Your ISMS Through Clause 7.2

Continual improvement of an ISMS (or any ISO management system) should always yield results for the organization. But what does “continual improvement” for a high-growth technology company look like under ISO 27001? If you’re meeting the management system requirements and implementing all required controls, what actions should you take

Combining 9001 and ISO 27001

Combining ISO 9001 and ISO 27001 Efforts

Key areas of overlap to help you harmonize workstreams. The compliance universe is ever-expanding. In addition to various information security requirements, often including ISO 27001, business partners are increasingly asking their SaaS vendors to align to ISO 9001, the international quality standard. Companies may initially balk at this requirement. But

SOC 2 vs ISO 27001 Choosing a Compliance Framework

ISO 27001 vs SOC 2: Choosing a Compliance Framework

In a previous blog post, we discussed the differences between SOC 2 and ISO 27001. In this post, we will look at the factors that affect the choice of which of the two compliance frameworks best aligns with the business needs of a high-growth technology or SaaS firm. Client


SOC 2 vs ISO 27001: What’s The Difference?

Navigating the ins and outs of two of the most popular compliance frameworks. When it comes to vendor due diligence, many companies are raising the bar. This article will help you weigh the differences between SOC 2 and ISO 27001. In addition to evaluating vendor revenue, growth, and skills, security
