ISO27k standards

An initial draft of this standard has been released to SC27 as the first W orking D raft, so I took the opportunity to update the info page. '27566 concerns age verification - techniques to determine the age of a website or app user, for example to prevent minors accessing adult materials. Part 2 will form a bridge linking the foundational concepts in part 1 with the analytical approaches in part 3.  It will advise on how to ascertain the age verification objectives, parame

Before the sun came up this morning, fueled by strong coffee and prompted by yet another lame social media thread about this, I've written a new FAQ concerning disclosure of the S tatement o f A pplicability. On LinkeDin, there's the usual confusing muddle of concerns and conflicting advice when someone asked whether a company can share its SoA, adding that (according to someone on Reddit last night [allegedly]) the [certification?] auditor said they "cannot share the SoA bec