A blog about GRC (Governance, Risk Management, and Compliance)

How will NIS2 impact an information security manager?

Wednesday, 05 July 2023 / by NorthGRC under ISO Standard and certification

NIS2 will have practical significance for you as an information security manager, as the requirements of the directive are directly aimed at the administration of information security.

If you need further information about NIS2, click here to get a handle on the NIS2-basics.

Secure ISMS Version 6.0

Wednesday, 26 February 2020 / by Jakob Holm Hansen under Information Security, ISO Standard and certification

Learn about some of what's new in Secure ISMS version 6.0.

How does the ISO 27001:2013 affect your risk management process?

Monday, 29 July 2019 / by Jakob Holm Hansen under ISO Standard and certification, Risk Management

ISO / IEC 27001 was introduced in 2005 and has become a very popular international standard. Now ISO 27001 is being revised and a new version is due later in 2013. I’ve looked at the changes before and outlined the main differences between the old and the new version.

How to measure ISO 27001 ISMS efficiency with KPIs

Wednesday, 23 April 2014 / by Jakob Holm Hansen under ISO Standard and certification

Efficiency and productivity are discussed in many contexts. In information security management, it also makes sense to ensure processes are working effectively. But how do you measure whether your information security is effective and whether it is developing in the right direction?

Has ‘Plan-Do-Check-Act’ disappeared in the new ISO 27001?

Friday, 04 April 2014 / by Jakob Holm Hansen under ISO Standard and certification

The Plan-Do-Check-Act (PDCA) process originates from quality assurance in production environments, but has for some years also been a requirement in the ISMS standard ISO 27001 (ISMS = Information Security Management System).

IT Risk Management increases your IT outsourcing success

Monday, 03 June 2013 / by Jakob Holm Hansen under ISO Standard and certification

IT outsourcing can be a highly positive experience.

GRC blog

The NorthGRC blog offers advice and knowledge of effective information security management, security strategies, risk management, compliance with information security standards and other requirements, business continuity planning, ISO2700x, EU Data Protection Regulation, PCI DSS, etc.
