At the end of 2019, Axenic’s leadership team agreed to implement our strategy to achieve ISO 27001 certification. This took the form of setting aside resources to spend time on designing and implementing our Information Security Management System (ISMS). In this blog series, we will be taking you through Axenic’s journey to certification – to catch up on Part One of the series click here. In our second blog of the Axenic ISO 27001 certification journey, we take a look at the planning stage and what was involved in this important step.
Category: ISMS
From Chaos to Conformance: 4 Context of the organisation
Information security is all about context!
In my previous two articles in this series focused on developing an Information Security Management System (ISMS) based on ISO 27001:2013, I presented the common myths associated with the standard. In this article, I am going to provide an overview of the standard and section 4 Context of the organisation.
From Chaos to Conformance: More ISO 27001 myths
Dispelling more common myths
Okay, I know I promised to delve into and discuss the requirements defined in 4 Context of the organisation. However, I realised that they are other common myths that I should dispel for those of you that are interested in implementing an Information Security Management System (ISMS) that conforms with ISO/IEC 27001:2013 (ISO 27001).
From Chaos to Conformance: A series on implementing an ISMS
Dispelling some common myths.
Who can afford an attack on their Critical Infrastructure?
The world does not suffer from a shortage of hostile individuals or nations, from politically motivated parties, groups and nations, to ideologically motivated individuals and profit-motivated criminals. Information security attacks remain on the top of the list for being a global extensible war tool.