Endpoint Cybersecurity GmbH
- Accelerating feature delivery in software development
- How-To create Security User Stories
- Delivering secure software in an agile way
- Understanding Defense in Depth in IT Security
- ISO 27001:2022 and TISAX: overlaps and differences
- Understanding the SOC 2 Certification
- Introduction to CISA’s Secure by Design Initiative
- Implementing ISO 27001:2022 Annex A.18 – Compliance
- Maping NIS2 requirements to the ISO 27001:2022 framework
- Implementing ISO 27001:2022 Annex A.17 – Information Security Aspects of Business Continuity Management
Understanding ISO 27001:2022 Annex A.8 – Asset Management
/in EducationalISO 27001:2022 Annex A.8, “Asset Management,” addresses the importance of identifying, classifying, and managing information assets within an organization. This annex emphasizes the need for organizations to establish processes for inventorying assets, assessing their value, and implementing appropriate controls to protect them. In this technical educational article, we’ll explore how to implement Annex A.8 […]
Understanding ISO 27001:2022 Annex A.7 – Human Resource Security
/in EducationalWe started the ISO 27001:2022 series with the promise of explaining how the 14 categories of controls can be implemented. Today we address ISO 27001:2022 Annex A.7, “Human Resource Security”. Contents Toggle Importance of Human Resource Security Implementing Annex A.7 in Practice Audit of Compliance with Annex A.7 Conclusions These controls address the critical role […]
Understanding ISO 27001:2022 Annex A.6 – Organization of Information Security
/in EducationalWe started the ISO 27001:2022 series with the promise of explaining how the 14 categories of controls can be implemented. We start today with ISO 27001:2022 Annex A.6, “Organization of Information Security”, which outlines requirements for establishing an effective management framework to govern information security within an organization. This annex emphasizes the importance of defining roles, responsibilities, […]
Understanding ISO 27001:2022 Annex A.5 – Information Security Policies
/in EducationalWe started the ISO 27001:2022 series with the promise of explaining how the 14 categories of controls can be implemented. We start today with A.5. Information Security Policies. Contents Toggle Importance of Information Security Policies Implementing Annex A.5 in Practice Auditing Compliance with Annex A.5 Importance of Information Security Policies Information security policies […]
Annex A of ISO 27001:2022 explained and tips to prepare for an audit
/in EducationalWe wrote in the previous article ISO 27001:2022: chapter by chapter description about ISO 27001:2022 Annex A. Annex A of ISO 27001:2022 is a vital component of the standard, outlining a comprehensive set of controls that organizations can implement to mitigate information security risks effectively. These controls cover a wide range of areas, including physical security, […]