A blog about GRC (Governance, Risk Management, and Compliance)

Jakob Holm Hansen


Latest posts

GDPR Compliance: Bridge the Gap

Wednesday, 08 March 2023 / by Jakob Holm Hansen

Even though GDPR is right around the corner, it makes a lot of sense - practically and financially - to maintain your traditional information security measures, because compliance with the Data Protection Regulation both can and should build upon your existing security measures.

Choosing the right business continuity scenarios for your BCP

Wednesday, 08 June 2022 / by Jakob Holm Hansen

Our most recent blog post dealt with The three golden rules of a business continuity plan. This time, we continue in the world of business continuity planning and take a closer look at scenarios and strategies.

Secure ISMS Version 6.0

Wednesday, 26 February 2020 / by Jakob Holm Hansen under Information Security, ISO Standard and certification

Learn about some of the news in Secure ISMS version 6.0 

Risk assessments must align with business goals

Monday, 16 December 2019 / by Jakob Holm Hansen under Information Security

It is not just a huge help for general management when company risk assessments are based on concrete business goals. Business-based risk assessments also help information security managers to prioritize what scarce resources they have.

How does the ISO 27001:2013 affect your risk management process?

Monday, 29 July 2019 / by Jakob Holm Hansen under ISO Standard and certification, Risk Management

ISO / IEC 27001 was introduced in 2005 and has become a very popular international standard. Now ISO 27001 is being revised and a new version is due later in 2013. I’ve looked at the changes before and outlined the main differences between the old and the new version.

Here's how to get management support for information security initiatives

Friday, 28 June 2019 / by Jakob Holm Hansen under Information Security

It is gradually becoming more and more necessary to actively secure management support for any new business initiatives – not least when it comes to information security. The support of decision makers is absolutely essential for the successful operation and development of a compliance programme. But how can we go about getting this support? Our CEO cuts through the rhetoric and offers up five pieces of advice to those responsible for information security.

A compliance planning tool gives information security managers an automatic plan

Wednesday, 01 May 2019 / by Jakob Holm Hansen

There used to be many unknown factors for information security managers to take into account when implementing and maintaining a security standard. That is no longer the case. A compliance planning tool creates a well-arranged plan for the compliance work and automatically combines all the tasks in a single annual plan.

ISMS: The value you can measure is the value you deliver

Monday, 12 November 2018 / by Jakob Holm Hansen under ISO Standards & Certification

ISMS performance monitoring allows security officers to document specific business values while also enhancing the level of security within the organisation. A white paper provides inspiration on how to select, define, and monitor effects in an ISMS solution.

Information Security: How to get the most out of limited resources

Thursday, 20 September 2018 / by Jakob Holm Hansen

With an annual cycle for information security, you can ensure that the right security processes are in place, and that the company’s internal resources have enough time to solve the many other tasks that require attention.

How to assess your business risks when going cloud

Saturday, 11 August 2018 / by Jakob Holm Hansen

Cloud computing promises many benefits. Cost reductions, improved efficiency and improved security are what many companies can gain from moving into the cloud.

GRC blog

The NorthGRC blog offers advice and knowledge of effective information security management, security strategies, risk management, compliance with information security standards and other requirements, business continuity planning, ISO2700x, EU Data Protection Regulation, PCI DSS, etc.