Category Archives: ISO 27001

What is ISO 27001:2022? In October 2022, ISO 27001:2013 Information Security was revised to ISO 27001:2022 Information Security, Cybersecurity and Privacy Protection. As you can see by the name change, ISO 27001 has evolved to reflect today’s digital landscape, focusing on the relationship between information security, cybersecurity, and privacy. This adaption became imperative following the pandemic, where…


“Many organisations found out in lockdown that they could continue trading successfully without a premises, and even without some staff, because they were able to carry on trading from home using computer access to the company’s data. Those business continuity plans which envisaged what your business would do if you suffered a fire or a…


What is Cyber Essentials? Cyber Essentials is a UK government-backed scheme that protects organisations from common online threats. Its primary goal is to establish a foundation of basic cybersecurity measures. The framework focuses on five key areas: Firewalls: protecting your internet connection from unauthorised access. User Access Control: limiting access and permissions to reduce the risk of unauthorised access. Malware Protection:…


ISO standards provide a globally recognised framework that guides organisations toward excellence in various domains such as quality, environmental management, information security and health and safety. Leveraging the common structure offered by Annex SL can further streamline and simplify the process of implementing and managing multiple ISO standards simultaneously, unlocking a range of benefits for businesses. The…


What is Annex SL? Annex SL provides a standardised high-level structure for ISO standards, making it easy for organisations to implement multiple standards. Annex SL outlines a set of common clauses which are included in the key management standards such as ISO 9001, ISO 14001, ISO 27001, and ISO 45001. These clauses cover the essential aspects of a management…


1. Prioritising Staff Training Staff training is vital, especially when involving the handling of sensitive data. Verizon’s 2022 Data Breach Investigations Report revealed that 82% of data breaches involve human factors. Improving your team’s cybersecurity awareness can significantly reduce your risks. Incorporate training into your induction process and provide annual refresher courses. These sessions should include data handling requirements, associated risks,…


What is the current version of ISO 27001? The newest version of ISO 27001 was released at the end of October 2022 and is now known as ISO/IEC 27001:2022 Information Security, Cybersecurity and Privacy Protection. Prior to this, ISO 27001 was last updated in 2013. If you’re currently working to this version, you now have until 31st October 2025…


Why is ISO 27001 being updated? This is standard practice with ISO. Every five to eight years, International Standards are reviewed by all ISO member bodies to identify whether they are still relevant. The pandemic has caused a leap in the adoption of technology, with more of us working from home, shopping online and video conferencing…


“I’ve always found it refreshing and energising working alongside startups and SMEs, helping them implement management systems to international standards. I recently had the pleasure of working with Michael Furey, CEO of Ronspot Limited, with the implementation of their ISO 27001 Information Security management standard. Ronspot is a tech Startup headquartered in Galway on the west coast of Ireland and…


After 25 years of data management experience in the private sector, Graham McCusker and Lee Coupland founded Sentinel Partners Limited in 2011. Through their IT and data expertise and experience they are able to make a difference by bringing a modern and agile data integration technology to public sector organisations, helping to identify and save the lives…