The business context for information risk and security

Although the organisational/business context is clearly relevant and important to information risk and security management, it is tricky to describe. In my opinion, clause 4 of ISO/IEC 27001 is so succinct that it leaves readers perplexed as to …


5 Best Nightstand Gun Safes [COMPREHENSIVE GUIDE for 2022]

Our Top Pick: Vaultek VR10 Smart Handgun Safe. Best Overall: Vaultek VR10 Smart Handgun Safe. The Vaultek VR10 deserves a top spot because of its impressive features, such as portability and slim design. The safe is made of thick 18-gauge steel and includ…


The sadly neglected Risk Treatment Plan

For some curious reason, the Statement of Applicability steals the limelight in the ISO27k world, despite being little more than a formality. Having recently blogged about the dreaded SoA, ’nuff said on that. Today I’m picking up on the SoA’s shy …


Infosec principles (Hinson tips)

Thinking about the principles underpinning information risk and security, here’s a tidy little stack of 44 “Hinson tips” – one-liners to set the old brain cells working this chilly mid-Winter morning: Address information confidentiality, integrity and a…


WANTED: a set of infosec principles we can all agree on

The SecAware corporate information security policy template incorporates a set of generic principles for information risk and security such as “Our Information Security Management System conforms to generally accepted good security practices as descri…
