Fique off-line com o app Player FM !
ISO/IEC TS 27008:2019 - Clauses 8.2.6 Work Assignments, 8.2.7 External Systems, and 8.2.8 Information Assets and Organization
Manage episode 428035132 series 3372790
Howard and Jim chat about ISO/IEC TS 27008:2019 - Clauses 8.2.6 Work Assignments, 8.2.7 External Systems, and 8.2.8 Information Assets and Organization.
POINTS DISCUSSED
- The importance of thinking about information as an asset, and how can this mindset shift impact the effectiveness of an organization's information security management system .
- The inevitability of cyberattacks, and how ISO 27001 prepares organizations for the inevitable rather than the hypothetical.
- The significance of auditor independence and objectivity in the context of information security assessments, and how can organizations ensure these principles are upheld?.
- The challenges of auditing external systems, particularly those in the cloud, and the strategies organizations employ to mitigate these challenges?
- How the guidelines help organizations create more robust contracts with their suppliers and service providers.
- Daily practices, akin to a pilot's pre-flight checklist, for maintaining information security awareness within an organization.
- The role of incident response plans in mitigating the impact of cyberattacks, and how can organizations ensure these plans are effective and well-practiced.
- The importance of using standards-based testing protocols in assessments.
- How the concept of layered process auditing (LPA) improves the continuous monitoring and enhancement of an ISMS.
LEARN MORE
Click here to try Conformance1's free online ISO 27001 Gap Checklist.
UPCOMING EPISODES
Howard and Jim continue to deep dive into ISO/IEC TS 27008:2019 - Clause 8.2.9 - Extended Review Procedures, Clause 8.2.10 - Optimization, and Clause 8.2.11- Finalization.
NEXT STEPS
Please follow us on your preferred podcast directory. We appreciate your likes & comments, and shares.
Click here to visit the SimplifyISO website to discover how our cloud-based management system will satisfy all the Standards requirements, client requirements, and any other requirements that you have to meet.
Click here to visit the International Management System Institute website, and learn about how and why you should consider becoming a Certified ISO Management System Professional.
Learn more about Jim on LinkedIn & YouTube
LinkedIn
LinkedIn Articles
YouTube
Click here to learn more about the Coaching and Podcast Services provided by Fox Coaching, inc.
Keywords
ISO 27001, Clause 8.2.6 - Work Assignments, Clause 8.2.7 - External Systems, and Clause 8.2.8 - Information Assets and Organization, Information Security Management Systems, Risk Management, ISO Review Podcast, Jim Moran, Howard Fox
#ISO27001 #InformationSecurityManagementSystems #RiskManagement #Control Assessment Process, #ISOReviewPodcast.
50 episódios
Manage episode 428035132 series 3372790
Howard and Jim chat about ISO/IEC TS 27008:2019 - Clauses 8.2.6 Work Assignments, 8.2.7 External Systems, and 8.2.8 Information Assets and Organization.
POINTS DISCUSSED
- The importance of thinking about information as an asset, and how can this mindset shift impact the effectiveness of an organization's information security management system .
- The inevitability of cyberattacks, and how ISO 27001 prepares organizations for the inevitable rather than the hypothetical.
- The significance of auditor independence and objectivity in the context of information security assessments, and how can organizations ensure these principles are upheld?.
- The challenges of auditing external systems, particularly those in the cloud, and the strategies organizations employ to mitigate these challenges?
- How the guidelines help organizations create more robust contracts with their suppliers and service providers.
- Daily practices, akin to a pilot's pre-flight checklist, for maintaining information security awareness within an organization.
- The role of incident response plans in mitigating the impact of cyberattacks, and how can organizations ensure these plans are effective and well-practiced.
- The importance of using standards-based testing protocols in assessments.
- How the concept of layered process auditing (LPA) improves the continuous monitoring and enhancement of an ISMS.
LEARN MORE
Click here to try Conformance1's free online ISO 27001 Gap Checklist.
UPCOMING EPISODES
Howard and Jim continue to deep dive into ISO/IEC TS 27008:2019 - Clause 8.2.9 - Extended Review Procedures, Clause 8.2.10 - Optimization, and Clause 8.2.11- Finalization.
NEXT STEPS
Please follow us on your preferred podcast directory. We appreciate your likes & comments, and shares.
Click here to visit the SimplifyISO website to discover how our cloud-based management system will satisfy all the Standards requirements, client requirements, and any other requirements that you have to meet.
Click here to visit the International Management System Institute website, and learn about how and why you should consider becoming a Certified ISO Management System Professional.
Learn more about Jim on LinkedIn & YouTube
LinkedIn
LinkedIn Articles
YouTube
Click here to learn more about the Coaching and Podcast Services provided by Fox Coaching, inc.
Keywords
ISO 27001, Clause 8.2.6 - Work Assignments, Clause 8.2.7 - External Systems, and Clause 8.2.8 - Information Assets and Organization, Information Security Management Systems, Risk Management, ISO Review Podcast, Jim Moran, Howard Fox
#ISO27001 #InformationSecurityManagementSystems #RiskManagement #Control Assessment Process, #ISOReviewPodcast.
50 episódios
Alle episoder
×Bem vindo ao Player FM!
O Player FM procura na web por podcasts de alta qualidade para você curtir agora mesmo. É o melhor app de podcast e funciona no Android, iPhone e web. Inscreva-se para sincronizar as assinaturas entre os dispositivos.