Nigel Landman
ISO/IEC 27001, it is a risky business.
ISO/IEC 27001 [1] is a management system standard (MSS) [2] with information security as its focus. It is not a risk framework; it is not a…
17h ago

Nigel Landman
ISO/IEC 27001 and the infamous gap analysis
Following a quick chat with ChatGPT (Oct 2024) the AI suggested that, overall, a gap analysis is a strategic tool for any organization…
4d ago

Nigel Landman
ISO/IEC 27001, Annex A and all that jazz
Just what makes people believe that the Annex A to ISO/IEC 27001 (that is the abbreviation, once again [1]) is mandatory for Certification?
Oct 25

Nigel Landman
Scope and other stuff, ISO/IEC 27001
Notwithstanding some of the many inaccuracies surrounding ISO/IEC 27001 (that is the abbreviation) [1], the time has now come to look at…
Oct 23

Nigel Landman
Doing stuff in preparation for ISO/IEC 27001
Having eliminated, in previous musings, some of the misinterpretations around ISO/IEC 27001, the time has come to do other stuff towards…
Oct 18

Nigel Landman
More weird stuff about ISO/IEC27001
Well, to be honest the following isn’t weird, it’s just about addressing misinterpretations of ISO/IEC 27001.
Oct 8

Nigel Landman
Weird stuff about ISO/IEC27001
Why, oh why, is there so much rubbish documented about ISO/IEC27001? Goodness only knows.
Oct 3

Nigel Landman
The curious case of a cancelled certification
This piece is about the curious case of a cancelled certification, or for the ill-informed, accreditation to ISO/IEC 27001. (UKAS, 2024)
Sep 2

Nigel Landman
A good article and yet another reminder, perhaps, to those who develop apps etc.,
Jul 9

Nigel Landman
FUBAR … Cybersecurity
Perhaps I am being mischievous, or maybe not. Aside from the data dumps, two news pieces piqued my interest.
May 13