Phalanx

ISO 27001

How to use SOC 2 and ISO 27001 to build a Risk Management Program

Don’t treat a compliance initiative as a check-the-box activity. Instead, use it as an opportunity to get your leadership team on board with properly managing risks through the formalization of a risk management program. Compliance can mobilize your organization to start viewing risk management as an important business objective. 5 Ways to use compliance as…

ISO 27001

ISO 27001 Readiness Checklist

ISO 27001 Readiness Assessment Policy Questions Yes No Partially In-Place Flag for Discussion 1 We have up-to-date security policies and procedures that align to industry standard best practices. ☐ ☐ ☐ ☐ 2 We have up-to-date business continuity and disaster recovery plan. ☐ ☐ ☐ ☐ 3 We have up-to-date change…

ISO 27001

What is an ISMS and how does it impact ISO 27001 certification?

ISMS is an Information Security Management System (ISMS) addressed in clauses 4-10 of ISO 27001 Clauses 4-19 make up the core of the framework. The ISMS helps organizations establish a governance structure to manage their information security program, and is the primary focus of an ISO 27001 certification audit. What you need to know…

ISO 27001

How do I get ISO 27001 certified?

The journey to ISO 27001 certification typically involves two (2) steps: Implementation and Certification Step 1: ISO 27001 Implementation Before you can get certified you will need to implement an ISO 27001 compliant program. To implement ISO 27001, you may choose to do it yourself or engage a consulting firm to help build an…

ISO 27001