Category Archives: ISO

www.iso.org
ISO (International Organization for Standardization) is the world’s largest developer and publisher of International Standards.

Converting ISO 27002 into an excel and a graph

ISO 27002 “Code of practice for information security controls” lists 144 controls, all with the same structure. If one would like to work on these controls, like reusing them in other documentation or doing a presentation etc., … Continue reading

Posted in Advanced Tools, DIY, ISO, Security Standardization and Practises, Tips, Tools | Comments Off

Updated ISO 27000, 27001 and 27002

The most important Information Security Management standard has been updated: 27000:2012 Overview and vocabulary (download); 27001:2013 Requirements; 27002:2013 Code of practice for information security controls. Other links: The new version of ISO/IEC 27001:2013 is here; Transition Guide; Mapping Guide; 27001:2013 … Continue reading

Posted in ICT News, ICT Standards, ISO, Security Management, Security News, Security Standardization and Practises | Comments Off

Common Criteria, main links

Wikipedia: Common Criteria is a framework in which computer system users can specify their security functional and assurance requirements, vendors can then implement and/or make claims about the security attributes of their products, and testing laboratories can evaluate the products … Continue reading

Posted in ISO, Security Certifications, Security Standardization and Practises, Security Training, Awareness and Reports | Comments Off

ISO 27001 Training videos

There is a nice set of videos about ISO 27001, presented by Martin Dion. Worth watching! The three videos available are: ISO 27001 January Training: Introduction to standards (ISO, NIST, PCI etc.); ISO 27001 February Training: Information Security Roles and Responsibilities; ISO 27001 … Continue reading

Posted in ISO, Security Standardization and Practises, Security Training, Awareness and Reports | Comments Off

ISO Standards, Risk Management and Information Security Vocabularies

There are different vocabularies for Information Security. One good reference for Risk Management is the ISO Guide 73 from 2009. For Information Security, one should look at ISO 27000 from 2009. Unfortunately, these standards are not free. For a free vocabulary, it is … Continue reading

Posted in ICT Terminology, ISO, Risk Management, Security Terminology, Security Training, Awareness and Reports | Comments Off

ISO 27001 “Information Security Management System” video in Swedish (from 2010)

There are videos from 2010 available on YouTube. The presentation is by Lars Söderlund of Alliansor AB, who is a teacher at the Swedish Standards Institute (SIS): part 1, part 2, part 3, part 4, part 5, part 6. Other link to SIS: Information … Continue reading

Posted in ISO, Security Management, Security Standardization and Practises, Security Training, Awareness and Reports | Comments Off

ISO 27001 Certifications Register

It is possible to view which companies and organizations have ISO 27001 certification via the site “International Register of ISMS Certificates”. In their “number of certification per Country” list, there are about 7300 certifications. Please note, the information is maintained … Continue reading

Posted in ISO, Security Management, Security Organizations | Comments Off