ISO 27001 Annex A.8 – Asset Management

As per the definition and application of ISO 27001 asset management, it is a set of processes to identify and apply security measures to an organization’s assets. Seems straightforward, doesn’t it? In the real world, it is pretty tricky. Often organizations forget to identify and secure chunks of confidential information stored at multiple sources. The…

How To Get ISO 27001 Certification (Step-by-Step Process)

The ISO 27001 certification typically requires gaining familiarity with the standard, diligent planning, committed implementation, and ongoing maintenance. The readiness and existing processes of the organization determine the complexity of each of these steps. For first-time certification seekers, that can feel like a significant workload and a lot of moving back and forth between auditor and the product. In this…

The Complete PCI DSS Compliance Checklist

As an organization processing card data via online portals or POS (Point of Sale) devices, you should be PCI DSS (Payment Card Industry Data Security Standards) compliant to avoid administrative penalties and reputational damage to the brand. But becoming PCI DSS compliant is easier said than done. The PCI DSS process is exhaustive, time-consuming, and…

ISO 27001 Requirements – A Comprehensive List

The ISO 27001 requirements guide talks about the ISMS policies and procedures you must implement to demonstrate compliance with the clauses (4-10) listed in the ISO 27001 compliance framework. When would you need this in your compliance journey? Once you’ve identified the scope of ISO 27001 for your business and conducted a gap analysis to…

All You Need To Know About The HIPAA Breach Notification Rule

HIPAA (Health Insurance Portability and Accountability Act) is a federal law in the United States regulated by the Department of Health and Human Services to ensure the integrity of patients’ Protected Health Information (PHI). Patient health information is extremely sensitive. The HIPAA breach notification rule is a special rule that specifies the mandatory protocol healthcare…
