Category Archives: ISO 27001

Which Standards are affected? More than 30 standards have been updated. The key standards affecting clients of ISO QSL include: ISO 9001 Quality Management, ISO 14001 Environmental, ISO 27001 Information Security, ISO 45001 Occupational Health and Safety and ISO 22301 Business Continuity. What’s Changed? The recent changes relate to Clause 4: Context of the Organisation. Overall,…


What is Data Privacy? Data privacy is an essential aspect of managing information, encompassing the practices, policies, and legal frameworks that dictate how data is collected, used, stored, and disposed of. This covers a wide range of data, such as employee and customer details (names, addresses and financial information), all of which businesses need to safeguard. …


What is ISO 27001:2022? In October 2022, ISO 27001:2013 Information Security was revised to ISO 27001:2022 Information Security, Cybersecurity and Privacy Protection. As you can see from the name change, ISO 27001 has evolved to reflect today’s digital landscape, focusing on the relationship between information security, cybersecurity, and privacy. This adaptation became imperative following the pandemic, where…


“Many organisations found out in lockdown that they could continue trading successfully without a premises, and even without some staff, because they were able to carry on trading from home using computer access to the company’s data. Those business continuity plans which envisaged what your business would do if you suffered a fire or a…


What is Cyber Essentials? Cyber Essentials is a UK government-backed scheme that protects organisations from common online threats. Its primary goal is to establish a foundation of basic cybersecurity measures. The framework focuses on five key areas: Firewalls: protecting your internet connection from unauthorised access. User Access Control: limiting access and permissions to reduce the risk of unauthorised access. Malware Protection:…


ISO standards provide a globally recognised framework that guides organisations toward excellence in various domains such as quality, environmental management, information security and health and safety. Leveraging the common structure offered by Annex SL can further streamline and simplify the process of implementing and managing multiple ISO standards simultaneously, unlocking a range of benefits for businesses. The…


What is Annex SL? Annex SL provides a standardised high-level structure for ISO standards, making it easy for organisations to implement multiple standards. Annex SL outlines a set of common clauses which are included in the key management standards such as ISO 9001, ISO 14001, ISO 27001, and ISO 45001. These clauses cover the essential aspects of a management…


1. Prioritising Staff Training Staff training is vital, especially where it involves handling sensitive data. Verizon’s 2022 Data Breach Investigations Report revealed that 82% of data breaches involve human factors. Improving your team’s cybersecurity awareness can significantly reduce your risks. Incorporate training into your induction process and provide annual refresher courses. These sessions should include data handling requirements, associated risks,…


What is the current version of ISO 27001? The newest version of ISO 27001 was released at the end of October 2022 and is now known as ISO/IEC 27001:2022 Information Security, Cybersecurity and Privacy Protection. Prior to this, ISO 27001 was last updated in 2013. If you’re currently working to this version, you now have until 31st October 2025…


Why is ISO 27001 being updated? This is standard practice with ISO. Every five to eight years, International Standards are reviewed by all ISO member bodies to identify whether they are still relevant. The pandemic has caused a leap in the adoption of technology, with more of us working from home, shopping online and video conferencing…