After 25 years the New Zealand Privacy Act is finally getting an update! It is based on 2011 recommendations from the Law Commission’s review. The new bill has just been released on 20th March and the act will come into force on 1st July 2019.
Category: Compliance
From Chaos to Conformance: 4 Context of the organisation
Information security is all about context!
In my previous two articles in this series, which focuses on developing an Information Security Management System (ISMS) based on ISO 27001:2013, I presented the common myths associated with the standard. In this article, I am going to provide an overview of the standard and section 4 Context of the organisation.
From Chaos to Conformance: More ISO 27001 myths
Dispelling more common myths
Okay, I know I promised to delve into and discuss the requirements defined in 4 Context of the organisation. However, I realised that there are other common myths that I should dispel for those of you who are interested in implementing an Information Security Management System (ISMS) that conforms with ISO/IEC 27001:2013 (ISO 27001).
From Chaos to Conformance: A series on implementing an ISMS
Dispelling some common myths.
When certification scope is reduced, risk transparency suffers
Compliance, a way to provide clients with the assurance that you can safeguard their information
Perform a search on compliance and you will find that there are many definitions. People have a slightly different view of what compliance means and what is included or not. In general, compliance means conforming, satisfying or adhering to a rule. This rule can be a specification, a policy, a standard, a law, a procedure or a requirement.