ISO 27001:2022 Annex A 5.37 Documented Operating Procedures Explained
What is it? ISO 27001 Annex A 5.37 is the requirement to document your processes and procedures. An ISO 27001 documented operating procedure is a written set of instructions that tells you how to perform a task securely. It’s like a recipe for a specific...
ISO 27001:2022 Annex A 5.36 Compliance With Policies, Rules And Standards For Information Security Explained
Table of contentsWhat is it?Why is it important?What is the definition in the standard?How do you implement it?Who does the review?When do you conduct reviews?What other standards apply?ISO 27001 Audit TemplatesHow can the ISO 27001 toolkit help?ISO 27001 Annex A 5.36...
ISO 27001:2022 Annex A 5.35 Independent Review Of Information Security Explained
What is it? ISO 27001 Annex A 5.35 Independent review of information security is an ISO 27001 control that wants you to get an independent review of your information security management and controls at planned intervals or when things change...
ISO 27001 vs SOC 2: The difference explained simply
Table of contentsWhat is ISO 27001?What is SOC 2?ISO 27001 v SOC 2 Summary TableISO 27001 Certification and SOC 2 ComplianceISO 27001 certification processThe SOC2 compliance processISO 27001 and SOC 2: so what’s the difference really?ISO 27001 or SOC 2: which...
ISO 27001:2022 Annex A 5.34 Privacy And Protection Of PII Explained
Table of contentsWhat is PII?ISO 27001 Privacy And Protection Of PIIHow do you implement it?What other standards apply?Do you need a data protection professional?How can the ISO 27001 toolkit help?ISO 27001 Annex A 5.34 FAQRelated ISO 27001 ControlsFurther ReadingISO...
ISO 27001:2022 Annex A 5.33 Protection Of Records Explained
Table of contentsISO 27001 Protection Of RecordsDecide what kinds of protection are includedDecide what kind of records are includedIssue GuidelinesTopic specific policy on records managementRetention scheduleLegislationRecord DestructionClassificationRetrieval...
ISO 27001:2022 Annex A 5.32 Intellectual Property Rights Explained
Table of contentsISO 27001 Intellectual Property RightsHow to implement itIntellectual property topic specific policyProcedures for intellectual propertySoftware license registerSoftware use reviewsSoftware transfer and disposalSoftware Terms and...
ISO 27001:2022 Annex A 5.31 Legal, statutory, regulatory and contractual requirements Explained
Table of contentsISO 27001 Legal, statutory, regulatory and contractual requirementsImplementation GuideLegal and Regulatory Guidance on Control A 5.31Cryptographic Guidance on Control A 5.31Contract Guidance on Control A 5.31Watch the tutorialISO 27001 Legal Register...
