Blog

The benefit of performing risk assessment far outweighs the cost or impact that an organization may have to suffer in case an incident takes place.

Implementation of Information Security management System (ISMS) in line with ISO 27001: 2013 demonstrates management commitment to protect information assets, and getting certified to ISO 27001: 2013 is a third-party endorsement that an organisation has fulfilled baseline requirements.

Business Impact Analysis (BIA) is the act of identifying and prioritising an organization’s services (internal and external) that should be up and running in the event of disaster. Combined with maximum tolerable period of disruption(MTPOD), return time objective (RTO), return point objective (RPO) and minimum service levels, it gives the business continuity management/CEO the ‘requirement’ for continuity.

Most organizations are flooded with international standards and it is often difficult to choose the right one. In most cases the standard selection is driven by customer and/or regulatory pressure.