This post summarizes the steps to implement ISO/IEC 27001 in an organization. It is intended as a high-level overview of the whole process and gives a holistic view. If you need further details, you may research each sub-phase or refer to the original ISO/IEC 27000 family documentation (specifically ISO/IEC 27001, 27002 […]
How to get PECB ISO/IEC 27001 Lead Implementer Certification
ISO/IEC 27001 (sometimes shortened to ISO 27001) is an international standard on how to manage information security in an organization. The standard was originally published jointly by the International Organization for Standardization and the International Electrotechnical Commission in 2005, but has been reviewed since then. People who work on ISO/IEC 27001 can get personal certifications […]
ISO/IEC 27001 Lead Implementer Certifications
ISO/IEC 27001 is an international standard to implement an ISMS in an organization. Professionals who want to gain the knowledge to implement ISO/IEC 27001 and be able to prove it to third parties may look for a certification on this subject. This post lists some popular ISO/IEC 27001 Lead Implementer Certifications. IAF (International Accreditation Forum) issued […]
IT Security Frameworks for Organizations
This post lists some of the most popular IT frameworks that can be used by an organization to implement its security. List of cybersecurity frameworks: NIST Cybersecurity Framework (CSF); ISO/IEC 27001; CIS Critical Security Controls (CSC). List of Cybersecurity Frameworks. NIST Cybersecurity Framework (CSF): Issued by NIST (National Institute of Standards and Technology) of […]
Trusted Platform Module (TPM)
Trusted Platform Module (TPM, also known as ISO/IEC 11889) is an international standard for a secure cryptoprocessor, a dedicated microcontroller designed to secure hardware through integrated cryptographic keys. It is used to generate a password safely in a system. It avoids generating a password in an external system and having to transport it from one […]