Compliance Archives - Page 2 of 3

From Chaos to Conformance: A series on implementing an ISMS

Dispelling some common myths.

By Jim, on 24 April, 2017

This is a new blog series on implementing an Information Security Management System (ISMS) based on ISO/IEC 27001:2013 (ISO 27001). This is the first in a series of blog articles aimed at helping organisations understand the value of implementing an ISMS that conforms with ISO 27001.

When certification scope is reduced, risk transparency suffers

By Lisa, on 3 December, 2015

How are risk owners and agency heads able to make informed decisions about ICT system accreditation without being provided with adequate information?

Compliance, a way to provide clients with the assurance that you can safeguard their information

By Jim, on 27 March, 2015

Perform a search on compliance and you will find that there are many definitions. People have a slightly different view of what compliance means and what is included or not. In general, compliance means conforming, satisfying or adhering to a rule. This rule can be a specification, a policy, a standard, a law, a procedure or a requirement.

If you are not measuring it, you are not managing it.

By Jim, on 9 July, 2014

In my last article I spoke at some length about not just why a Security Policy is important, what its content should be, but also how it should be written. There is no default setting for Security Policy. Remember, what works for one organisation probably won’t work for another.

Information Security Management Systems – It’s all about the Business!

By Axenic Team, on 25 May, 2014

An Information Security Management System (ISMS) is a security framework comprised of policies, processes and the management of technologies to address an organisation’s information security requirements.

Using Sampling To Ensure Effective Audit, Certification and Accreditation.

By Jim, on 11 March, 2014

At Axenic, we have two ISO 27001 Lead auditors and perform a significant number of certification reviews for NZ government agencies. One of the common challenges of auditing is selecting which controls (both procedural and technical) to assess when a client has a limited time-frame or budget.

The Blog

Category: Compliance