Endpoint Cybersecurity GmbH
- Navigating AI Standards and Regulations
- Policy vs Standard vs Procedure: why, what, how
- Comparing Annex A in ISO/IEC 27001:2013 vs. ISO/IEC 27001:2022
- NIS2 Fulfillment through TISAX Assessment and ISA6
- Guide for delivering frequently software features that matter (series) #2/2: Challenges and the path forward
- Guide for delivering frequently software features that matter (series) #1/2: the Pillars of successful frequent delivery
- Guide for delivering frequently software features that matter (series)
- Beyond “Move Fast and Fail Fast”: Balancing Speed, Security, and … Sanity in Software Development (with Podcast)
- Project management with Scrum (with Podcast)
- Comparing “Records of Processing Activities” (ROPA) and “Data Protection Impact Assessments” (DPIA) (with Podcast)
Understanding ISO 27001:2022 Annex A.9 – Access Control
/in EducationalWe started the ISO 27001:2022 series with the promise of explaining how the 14 categories of controls can be implemented. Today we address ISO 27001:2022 Annex A.9, “Access Control”. Access control is a fundamental component of information security management systems (ISMS). It provides guidelines for implementing controls to ensure that only authorized individuals have access to information […]
Understanding ISO 27001:2022 Annex A.8 – Asset Management
/in EducationalISO 27001:2022 Annex A.8, “Asset Management,” addresses the importance of identifying, classifying, and managing information assets within an organization. This annex emphasizes the need for organizations to establish processes for inventorying assets, assessing their value, and implementing appropriate controls to protect them. In this technical educational article, we’ll explore how to implement Annex A.8 […]
Understanding ISO 27001:2022 Annex A.7 – Human Resource Security
/in EducationalWe started the ISO 27001:2022 series with the promise of explaining how the 14 categories of controls can be implemented. Today we address ISO 27001:2022 Annex A.7, “Human Resource Security”. Contents Toggle Importance of Human Resource Security Implementing Annex A.7 in Practice Audit of Compliance with Annex A.7 Conclusions These controls address the critical role […]
Understanding ISO 27001:2022 Annex A.6 – Organization of Information Security
/in EducationalWe started the ISO 27001:2022 series with the promise of explaining how the 14 categories of controls can be implemented. We start today with ISO 27001:2022 Annex A.6, “Organization of Information Security”, which outlines requirements for establishing an effective management framework to govern information security within an organization. This annex emphasizes the importance of defining roles, responsibilities, […]
Understanding ISO 27001:2022 Annex A.5 – Information Security Policies
/in EducationalWe started the ISO 27001:2022 series with the promise of explaining how the 14 categories of controls can be implemented. We start today with A.5. Information Security Policies. Contents Toggle Importance of Information Security Policies Implementing Annex A.5 in Practice Auditing Compliance with Annex A.5 Importance of Information Security Policies Information security policies […]