Whitepapers

 
ISO 45001 Occupational Health and Safety Management System Requirements

Compared to previous years, the world has recently experienced rapid changes in technology, competition, the economy, education and so on. The world that we live in is constantly evolving and advancing, and so are human expectations and demands. Organizations are aware of the need to keep up with industry or sector trends in order to compete in a continuously changing world. Consequently, organizations have to adapt in order to work successfully in different and complex environments. These changes often involve multinational supply chains and operations that organizations have outsourced. The differences between nations, organizations, and societies also form part of those complexities. Therefore, effective management is a high priority at board level.

ISO 37001:2016 - Anti-Bribery Management Systems (Requirements with guidance for use)

An Anti-bribery Management System (ABMS) signals a profound commitment to ethical behavior that helps an organization function well, enhance its reputation and avoid potential bribery risks. Designed by businesses and other stakeholders worldwide, ISO 37001 has the potential to reduce corporate risk and costs related to bribery by providing a manageable business framework for preventing, detecting and addressing bribery. The whitepaper addresses requirements and provides guidance for the creation of a management system in compliance with anti-bribery laws.

No ISO 27001 Certified Companies Among Largest Data Breaches 2014-2015

Reports of corporate data breaches constantly hit the headlines, reminding us that our information is now less secure than it has ever been. In 2015, data breaches, cybercrimes, and hacking were top business issues that garnered much media attention and compromised the integrity of many companies. PECB has conducted research on the biggest data breaches of 2014 and 2015.

According to this research, no industry – online dating, health insurers, toy manufacturers, service providers, federal governments, and other sectors of industry – was immune to cyber-attacks. Among the 20 biggest breaches, each one affected about 35 million people on average. The company that was affected the most was eBay, followed by Anthem and JP Morgan.

ISO 45001 Transition

According to International Labor Organization statistics, every day 6,300 people die as a result of occupational accidents or work-related diseases - more than 2.3 million deaths per year, while 317 million accidents occur on the job annually. In order to reduce these numbers, ISO is developing a new standard, ISO 45001 Occupational Health and Safety Management System - Requirements, that will help organizations all over the world improve employee safety, reduce workplace accidents, and create safer working conditions.

ISO/IEC 27002:2013 Information Technology - Security Techniques Code of Practice for Information Security Controls

The information security standard ISO/IEC 27002:2013 is the “Code of Practice for Information Security Controls”. It was first published by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) in December 2000 as ISO 17799.

Today, ISO/IEC 27002 is part of the ISO27XXX series. The document provides best practice recommendations and guidance for organizations selecting and implementing information security controls within the process of initiating, implementing and maintaining an Information Security Management System (ISMS).

ISO 14001:2015 Environmental Management Systems - Requirements

Environmental issues are expected to increase in severity and frequency. The industry sector remains one of the largest contributors to environmental pollution, which is why organizations are becoming increasingly aware of the need for environmental management.

ISO 14001 is the international standard for environmental management systems published by the International Organization for Standardization (ISO). An Environmental Management System (EMS) consists of a framework that helps a company achieve its environmental goals through consistent control of its operations. The EMS thus helps a company address its regulatory demands in a systematic and cost-effective manner.

ISO/IEC 27005 Information Technology – Security Techniques Information Security Risk Management

Information Security Risk Management, as proposed by this standard, goes beyond specific passwords, firewalls, filters and encryption. Its comprehensive approach, currently part of the growing ISO/IEC 27000 family of standards in the area of information security management systems, helps businesses take a structured approach to managing information security risks. It is a supportive standard which provides guidelines.
 
ISO 29100 How Can Organizations Secure Its Privacy Network?

In recent years, we have witnessed record losses from many information security incidents involving personally identifiable information (PII) that have affected both individuals and organizations. In response to ongoing privacy-related incidents happening to large corporations, small companies, and famous individuals, in 2011 ISO developed the ISO/IEC 29100 Privacy framework and ISO 29101 Privacy framework architecture to provide a higher-level framework for securing Personally Identifiable Information (PII) within Information and Communication Technology systems.

ISO/IEC 29100 is intended to be used by persons and organizations involved in designing, developing, procuring, architecting, testing, maintaining, and operating information and communication technology systems where privacy controls are required for the functioning of PII.

CLFE Certified Lead Forensic Examiner
IT Security 2015.10.27

Computer forensics is the use of analytical and investigative methods to identify, collect, examine and preserve evidence that is magnetically stored or encoded in PCs, hard disks, flash drives, PDAs, mobile phones, etc. Computer forensics can be used as evidence for computer crimes or any other crime, in addition to finding out exactly what happened on a computing device and who is responsible for the occurrence.

ISO 27001 Information Technology – Security Techniques Information Security – Management Systems - Requirements

Many organizations take information security measures or controls to protect their information, information assets and business processes. Organizations of any size and type, regardless of whether they are involved directly or indirectly in information technology, should engage in a preventive, protective, preparatory, and mitigation process.

ISO/IEC 27001:2013 was developed with the intent to help organizations improve their information security and minimize the risk of business disruptions. The requirements set in ISO 27001 are generic, flexible and useful to all types of organizations. Thus, this ISO Standard, being a Management System, can be aligned with other Management Systems such as Quality Management, Business Continuity Management and other management systems due to their similar structure.
