ISO 27001 Archive
Certification to the increasingly popular international information security management standard ISO 27001 is now growing at 91% year-on-year in the USA (ISO survey), which is significantly higher than the global growth rate of 20%. With information security breaches now the …
It is a widely held belief that every organization’s website needs a corresponding privacy policy. However, this is not the case. Whether you need an online privacy policy depends on what your organization does, where it does it, and your contractual obligations. According …
When seeking to achieve certification to ISO 27001, organizations should avoid non-accredited certification bodies. Why? Non-accredited certification bodies typically offer a service that includes both consultancy and certification. No formally accredited certification body will offer this type of service, as …
Whenever organizations seek certification, they rely on the good judgment of auditors. Most of the time that’s fine, but sometimes auditors pick up bad habits and make poor decisions. If you’re an auditor or an organization that’s being audited, you …
Is your organization looking to enhance its cybersecurity protection? Do you need to earn CPE (Continuing Professional Education) credits? If the answer is yes to either question, look no further than IT Governance USA: the one-stop shop for your needs. …
ISO 27001 is the international standard that describes best practice for an ISMS (information security management system). Achieving accredited certification to ISO 27001 demonstrates that your organization is following information security best practice, and delivers an independent, expert assessment of …
In addition to health issues, UConn Health patients are now fretting over their PII (personally identifiable information) being compromised. On December 24, 2018, UConn Health discovered that an unauthorized party had accessed nearly 1,500 employee email accounts. Breach at UConn …
North Country Business Products, Inc. (North Country) announced a data security incident on February 15, 2019, alerting customers who paid by card at its restaurants that their PII (personally identifiable information) may have been compromised. More than 50 of its …
North Carolina-based Duke Energy has been fined a record $10 million by NERC (North American Electric Reliability Corporation) for 127 violations of rules designed to keep the U.S. power system safe from physical and cyber attacks. According to NERC’s penalty …
AdventHealth Medical Group recently informed about 42,000 patients that a data security incident at its Pulmonary & Sleep Medicine facility in Tavares, Florida may have exposed their confidential information. In late December 2018, AdventHealth discovered that an unauthorized third party …
