This is the second part of the series about the differences between ISO 27001:2005 and ISO 27001:2013. This post talks about the information security ‘context’ and how to establish it for an organisation.
When ISO 27001:2013 was released, I did a quick write-up about it here. Now that I have had some time to spend with the standard (get to know it better!), I am writing a more detailed comparison. This comparison will follow the typical comparison that I did for BS25999 vs. ISO 22301. […]
“My dear Watson!” exclaimed Holmes. “You are no doubt wondering about how they work in Japan.” I looked up in surprise. I was indeed pondering the work culture in Japan. “Have you started performing black magic, then, Holmes? There can be no other explanation for this,” I spake with wide eyes. “How can you […]
So, the new ISO 27001 is here. After 8 years, the entire ISMS approach has been revamped. The newer version of ISO 27001, a.k.a. ISO 27001:2013, is a much slimmer document. There is no introduction to the process approach and, surprise surprise, no diagram of Deming’s cycle. No beating around the bush for […]