ISO 27001 Information Security – Annex A 7 Physical Controls

26th April 2023 – ISO 27001 Information Security in plain English – Post #20 in the series. Something that sets ISO 27001 apart from all the other ISO management system standards is…


ISO 27001 Information Security – Annex A 6 People Controls

18th April 2023 – ISO 27001 Information Security in plain English – Post #19 in the series. Something that sets ISO 27001 apart from all the other ISO management system standards…


ISO 27001 Information Security – Annex A 5 Organizational Controls

4th April 2023 – ISO 27001 Information Security in plain English – Post #18 in the series. Today, we continue our series ‘ISO 27001 Information Security in plain English’ with our first foray into…


ISO 27001 Information Security – Clause 9 Evaluation

Qudos guide to ISO 27001:2022 clause 9 Evaluation. 16th November 2022 – ISO 27001 Information Security in plain English – Blog post #16. This clause forms the Check step of the PDCA cycle. It has three elements: 9.1 Monitoring, measurement, analysis and evaluation; 9.2…


ISO 27001 Information Security – Clause 8 Operation

ISO 27001 Clause 8 Operation – Putting it into practice. 4th November 2022 – ISO 27001 Information Security in plain English – Blog post #15. This clause follows a natural progression from the previous clauses. Having identified…


Asset module for Qudos 3 IMS software!

Asset management in Qudos 3 IMS software. 26 May 2021. Asset management is becoming an increasingly important area of management systems. For example, the ISO 27001 Information Security standard includes specific requirements for the control of assets (Annex control A8). The subject is also very relevant to the 7.1 Resources clause as well as other…


Smoothing the transition to ISO 45001

15 March 2021 | Guidance and reference source for making the transition to ISO 45001. ISO 45001 is an international standard that specifies requirements for an OHSMS (Occupational Health & Safety Management System). It aims to enable organizations to better manage their OHS risks and improve their OHS performance.…


Supplier management and ethical sourcing

Supplier evaluation and ethical sourcing. 24 August 2020. Supplier evaluation / management: Few, if any, organizations can do everything in-house. To some degree, most of us rely on external parties to provide something included in our product or service. It is therefore not surprising that all the main ISO management system standards include requirements relating…


Business continuity and ISO 22301

Business continuity and the ISO 22301 standard. 19 May 2020. Business continuity management is dealing with the impact of disruptions in order to continue providing services or products. That is, at least to acceptable levels and time frames. A BCMS (or business continuity management system) will integrate arrangements for prevention and recovery to build…


The ISO 45001 OHS standard: A Quick Intro

ISO 45001 OHS Standard: A Quick Intro. 3 March 2020. The ISO 45001 OHS Standard specifies requirements for an OHSMS (Occupational Health & Safety Management System). It was released in 2018 and is gradually superseding many earlier national standards. Many observers consider ISO 45001 to be the most significant OHS standard ever. Why? Well, a…
