ISO 27001 is a robust security framework that comprehensively evaluates and certifies an organization’s security posture. What does it have to say about an organization’s exposure to security vulnerabilities? What requirements are there for ISO 27001 penetration testing? In this article, I’ll work to answer those questions and more. My goal is to demystify ISO […]
Should You Do Penetration Testing for ISO 27001? A CISO Explains Read More »
An ISO 27001 Gap Assessment, also known as an ISO 27001 gap analysis, is performed by the business at the very beginning of its ISO 27001 certification journey. The ISO 27001 gap assessment provides an overview of the organization’s ISMS operational status, as well as provides insight into any corrective action plans (CAPs) that must
Are ISO 27001 Gap Assessments Worth It? Read More »
Whether to start down the path to ISO 27001 certification is a difficult and important decision for any company. In addition to our deep dives on the cost of ISO 27001 and how it compares to SOC 2, we’ve compiled this list of answers to the 19 most common questions we get about the ISO
ISO 27001 Certification: 19 Crucial Questions Answered Read More »
ISO 27001 certification is an internationally recognized framework that addresses your organization’s ISMS (Information Security Management System) and how seriously your organization takes the security of its data. In deciding to pursue an ISO 27001 certification for your business, one of the first questions that will come up is: How much will this cost? The
Here’s How Much ISO 27001 Certification Costs Read More »
Determining what certification your organization should pursue can be a challenge, it’s important to know what standard will best suit your organization and why. ISO 27001 and SOC 2 are top choices to be able to prove that your organization is cyber resilient, but which one is best and why? SOC 2 and ISO 27001
ISO 27001 vs SOC 2: 6 Key Differences Explained Read More »
