Search Results for: privacy

ISO-9: Annexe A Controls-1

We have so far discussed ISO 27001-2022 in several articles (ISO-1 to 7) and summarised ISO 27701 in article ISO-8. Let us now continue our discussion to cover the 93 controls which are part of Annexe A of ISO 27001-: … Continue reading

Posted in Cyber Law | Leave a comment

ISO-8: ISO 27701

ISO 27701 was published on August 6, 2019 as an extension of ISO 27001:2013. It was a framework for management of Privacy of Personal data and included requirements for Privacy Risk Assessment, Privacy Impact Assessment, Data Protection Impact Assessment and … Continue reading


MOVEit vulnerability exploited.. Where was DPIA?

A Russian ransomware gang, Cl0p, has reportedly been exploiting a zero-day vulnerability in a secure file transfer software product called MOVEit and has reportedly affected hundreds of businesses in the UK and USA. MOVEit is a managed file transfer software product … Continue reading


ISO-6: Governance Structure

We are presenting a series of articles to spread awareness and understanding of ISO 27001, ISO 27701 and PDPCSI. ISO 27001 is a certifiable standard while ISO 27701 is a requirement which can be certified only … Continue reading


ISO-5: Classification of Assets

In the previous article we discussed the need for creating an Asset Inventory as part of the Context setting. In the process, we identified four different aspects such as “Data Storage Points”, “Data Collection Points”, “Data Processing Points” and “Data Disclosure … Continue reading


ISO-4: Understanding the Context

Before an organization sets about to establish an ISMS or an auditor starts an ISO 27001 audit, it is essential to understand and set the ‘Context’ in which the activity needs to be planned and implemented. By ‘Context’ we mean … Continue reading
