How to build an asset inventory for 27001
How do you know WHAT assets are to be included in the ISO-27K Asset Inventory? This question and variants of the "What are assets [for ISO27K]?" comes up often and has seen much discussion on the...
View ArticleConfusion over Physical Assets, Information Assets – Part Two
So I need to compile a list of ALL assets, information or otherwise, NO! That leads to tables and chairs and powerbars. OK so you can't work without those, but that's not what I meant. Physical assets...
View ArticleWhat Applicants Should Ask When Interviewing For An InfoSecurity Position
http://www.informationsecuritybuzz.com/applicants-ask-interviewing-information-security-role/ Well what would you ask? These seem to be the kind of questions that might be asked by someone with a...
View ArticleThe fatal flaw in IT Risk management
Is interviewing is a much better method that self-certifications and a checklist, if time and resources allow. Two points: In the ISO-27001 forum, my friend and colleague Gary Hinson has repeatedly...
View Article