All bloggings

No, not that kind of 'medium'! Two new ISO/IEC JTC 1/SC 27/WG 1  standards projects are under way, raising fundamental questions about how we standardise and promote information security. 1. Practical ISMS implementation guidance First, we are defining the scope and plan for a second part to ISO/IEC 27003 (possibly a distinct standard or some other format). This project aims to offer ISMS implementation advice for small, medium and large organizations, with a specific emphas

I've received the first W orking D raft for the revision of ISO/IEC 27102 :2019 - "Information security management - Guidelines for cyber-insurance ". With a new title already approved ("Information security, cybersecurity and privacy protection — Guidelines for applying ISO/IEC 27001 and related standards in support of cyber insurance ") and a revised scope, the committee intends to refocus the second edition more explicitly on the I nformation S ecurity M anagement S ystem

I fixed a curious issue with page navigation today. If we open any of the detailed pages on the ISO27k standards, there are 2 sets of 3 buttons, top and bottom of the page, making it easy to navigate to the previous page (the detailed page for the next lower numbered ISO27k standard), the next page (the next higher numbered one) , or to go 'up' to the list of ISO27k standards. In testing, they all worked OK except for the next button on the page for ISO/IEC 27031. It refuse

Today I updated several pages concerning the current status of various ISO27k standards development projects - nothing particularly significant. I am struggling to keep up with the work of ISO/IEC JTC 1/SC 27 Working Group 5. I'm not sure at the moment whether I am not receiving WG5 emails with updates, or not reading them properly and taking note of them. Either way, it is hard for me to keep track and update this site for the WG5 standards. Also today, I noticed a curious