Endpoint Cybersecurity GmbH
- From Idea to Proof of Concept to MVP – 3 article series
- From Idea to Proof of Concept to MVP: The Minimum Viable Product – MVP (3/3)
- From Idea to Proof of Concept to MVP: The POC stage (2/3)
- From Idea to Proof of Concept to MVP: The Idea stage (1/3)
- Delivering often in small increments with Scrum
- Navigating AI Standards and Regulations
- Policy vs Standard vs Procedure: why, what, how
- Comparing Annex A in ISO/IEC 27001:2013 vs. ISO/IEC 27001:2022
- NIS2 Fulfillment through TISAX Assessment and ISA6
- Guide for delivering frequently software features that matter (series) #2/2: Challenges and the path forward
Understanding ISO 27001:2022 Annex A.9 – Access Control
/in EducationalWe started the ISO 27001:2022 series with the promise of explaining how the 14 categories of controls can be implemented. Today we address ISO 27001:2022 Annex A.9, “Access Control”. Access control is a fundamental component of information security management systems (ISMS). It provides guidelines for implementing controls to ensure that only authorized individuals have access to information […]
Understanding ISO 27001:2022 Annex A.8 – Asset Management
/in EducationalISO 27001:2022 Annex A.8, “Asset Management,” addresses the importance of identifying, classifying, and managing information assets within an organization. This annex emphasizes the need for organizations to establish processes for inventorying assets, assessing their value, and implementing appropriate controls to protect them. In this technical educational article, we’ll explore how to implement Annex A.8 […]
Understanding ISO 27001:2022 Annex A.7 – Human Resource Security
/in EducationalWe started the ISO 27001:2022 series with the promise of explaining how the 14 categories of controls can be implemented. Today we address ISO 27001:2022 Annex A.7, “Human Resource Security”. Contents Toggle Importance of Human Resource Security Implementing Annex A.7 in Practice Audit of Compliance with Annex A.7 Conclusions These controls address the critical role […]
Understanding ISO 27001:2022 Annex A.6 – Organization of Information Security
/in EducationalWe started the ISO 27001:2022 series with the promise of explaining how the 14 categories of controls can be implemented. We start today with ISO 27001:2022 Annex A.6, “Organization of Information Security”, which outlines requirements for establishing an effective management framework to govern information security within an organization. This annex emphasizes the importance of defining roles, responsibilities, […]
Understanding ISO 27001:2022 Annex A.5 – Information Security Policies
/in EducationalWe started the ISO 27001:2022 series with the promise of explaining how the 14 categories of controls can be implemented. We start today with A.5. Information Security Policies. Contents Toggle Importance of Information Security Policies Implementing Annex A.5 in Practice Auditing Compliance with Annex A.5 Importance of Information Security Policies Information security policies […]