Endpoint Cybersecurity GmbH
- Implementing ISO 27001:2022 Annex A.18 – Compliance
- Mapping NIS2 requirements to the ISO 27001:2022 framework
- Implementing ISO 27001:2022 Annex A.17 – Information Security Aspects of Business Continuity Management
- Implementing ISO 27001:2022 Annex A.16 – Information Security Incident Management
- Executive summary: NIS2 Directive for the EU members (updated)
- NIS-2: 10 common misconceptions about the regulation
- Implementing ISO 27001:2022 Annex A.15 – Supplier Relationships
- Understanding ISO 27001:2022 Annex A.14 – System Acquisition, Development, and Maintenance
- Understanding ISO 27001:2022 Annex A.13 – Communications Security
- Understanding ISO 27001:2022 Annex A.12 – Operations Security
Understanding ISO 27001:2022 Annex A.11 – Physical and Environmental Security
We started the ISO 27001:2022 series with the promise of explaining how the 14 categories of controls can be implemented. Today we address ISO 27001:2022 Annex A.11, “Physical and Environmental Security”, which addresses the importance of protecting physical assets, facilities, and infrastructure that house information systems and assets. This annex provides guidelines for implementing controls to safeguard […]
Understanding ISO 27001:2022 Annex A.10 – Cryptography
We started the ISO 27001:2022 series with the promise of explaining how the 14 categories of controls can be implemented. Today we address ISO 27001:2022 Annex A.10, “Cryptography”, which plays a vital role in ensuring the confidentiality, integrity, and authenticity of sensitive information. This annex provides guidelines for implementing cryptographic controls to protect data assets from unauthorized access, […]
Understanding ISO 27001:2022 Annex A.9 – Access Control
We started the ISO 27001:2022 series with the promise of explaining how the 14 categories of controls can be implemented. Today we address ISO 27001:2022 Annex A.9, “Access Control”. Access control is a fundamental component of information security management systems (ISMS). It provides guidelines for implementing controls to ensure that only authorized individuals have access to information […]
Understanding ISO 27001:2022 Annex A.8 – Asset Management
ISO 27001:2022 Annex A.8, “Asset Management,” addresses the importance of identifying, classifying, and managing information assets within an organization. This annex emphasizes the need for organizations to establish processes for inventorying assets, assessing their value, and implementing appropriate controls to protect them. In this technical educational article, we’ll explore how to implement Annex A.8 […]
Understanding ISO 27001:2022 Annex A.7 – Human Resource Security
We started the ISO 27001:2022 series with the promise of explaining how the 14 categories of controls can be implemented. Today we address ISO 27001:2022 Annex A.7, “Human Resource Security”. These controls address the critical role […]