A blog about GRC (Governance, Risk Management, and Compliance)

Jakob Holm Hansen


Latest posts

IT Risk Management increases your IT outsourcing success

Monday, 03 June 2013 / by Jakob Holm Hansen under Iso Standard and certification

IT outsourcing can be a highly positive experience.

Six questions about the ISO 27001 revision (with answers)

Tuesday, 30 April 2013 / by Jakob Holm Hansen under Risk Management, ISO Standards & Certification

How does the ISO 27001 revision impact your risk management?

Three ways the ISO 27001 revision will affect your company

Monday, 15 April 2013 / by Jakob Holm Hansen under ISO Standards & Certification

It has been eight years since the ISO 27001 standard was last revised but now changes are coming.

4 responsible shortcuts to good enough risk assessments

Wednesday, 23 May 2012 / by Jakob Holm Hansen under ISO Standards & Certification

Information security standards have at least two characteristics: 1) they can cure most sleep problems and 2) some describe a relatively perfect world where those responsible for information security have plenty of time and where there are enough resources to analyse needs and document decisions. Even though I may have started this post a little sarcastically, I'm actually a big supporter of standards and "best practice"; I see no reason to reinvent good stuff. I cannot do anything about the standards being boring, but I write this post to suggest some responsible shortcuts to a good start on risk assessments and as a pragmatic approach to ISO 27001 compliance (should you want that).

GRC blog

The NorthGRC blog offers advice and knowledge of effective information security management, security strategies, risk management, compliance with information security standards and other requirements, business continuity planning, ISO2700x, EU Data Protection Regulation, PCI DSS, etc.
