December 2021

ISO/IEC 27001:2013

ISO/IEC 27001:2013 specifies the requirements for establishing, implementing, maintaining, and continually improving an information security management system within the context of the organisation. It sets out the specification for an information security management system (ISMS). Passed my BSI ISO 27001 exam last week, this is what I learned – What is information security management (ISM)? …

CISMP

Information Security Management Principles – including definitions, meanings and use of concepts and terms across information security management. It will continue by explaining the need for and the benefits of information security. Information Risk – including outlining threats to and vulnerabilities of information systems and the process for understanding and managing risk relating to information …