ISO 27001 Archives - Alan Calder on IT Governance, Cyber Resilience, ISO 27001 and Brexit

Business Continuity Planning and BS25999

Alan Calder February 28, 2008 Business Continuity, Disaster Recovery, ISO 25999, ISO 27001, ITIL

I came across an interesting post on Ireland’s Security Watch blog making the topical connection between bird flu scares and business continuity planning. It rightly points out that a disaster can strike from unlikely sources when you least expect it. …

[Continue Reading...]

Civil lawsuits start over lax data security approach

Alan Calder February 19, 2008 Compliance, Data Protection, ISO 27001, IT Governance, IT Security

The Realtime IT Compliance blog carried a significant post the other day – the first signs of US civil lawsuits against companies losing customer data. In this case, it is a $54 million claim against Best Buy for losing a …

[Continue Reading...]

House of Lords re-opens inquiry

Alan Calder February 12, 2008 Data Breaches, ISO 27001, IT Governance, IT Security

I read in ComputerWeekly that the House of Lords Science & Technology Committee is to re-open its inquiry into e-crime and the security of personal data, apparently due to the Government’s “vacuous, idle and irrelevant” response to its initial recommendations. …

[Continue Reading...]

Another wake-up call for the boardroom

Alan Calder February 9, 2008 Data Protection, ISO 27001, IT Security

For those boardrooms still slow to grasp the strategic importance of IT governance and information security, the BBC offers a nice simple graph to bring home the scale of the challenge. It comments: “Reports vary but some estimates suggest there …

[Continue Reading...]

Information classification schemes

Alan Calder January 22, 2008 Data Protection, IT Governance, IT Security

Also from ComputerWeekly, Chief Information Officers need to take a leading role in setting up formal information classification schemes to stop them over-engineering them to comply with security regulations, according to a report from the Information Security Forum. Well, yes …

[Continue Reading...]

ISO27001 – 900,000 certificates?

Alan Calder December 5, 2007 ISO 27001, IT Security

The most recent survey from the International Organization for Standardization (ISO) reveals that there are now 898,000 ISO9001 certifications worldwide, a 16% increase on the previous year. It also reveals that there are now 5,800 ISO/IEC 27001 certifications worldwide – …

[Continue Reading...]

Social networking – top tips on safety

Alan Calder November 23, 2007 ISO 27001, IT Security

The UK Government’s Information Commissioner has now joined the call for people to be wary of identity fraudsters when using social networking sites. In a press release issued today (‘4.5 million young Brits’ futures could be compromised by their electronic …

[Continue Reading...]

Not really fair, is it?

Alan Calder November 22, 2007 Compliance, Data Breaches, Data Protection, ISO 27001, IT Security

The UK government claimed that the person who burnt the HMRC child benefit database to a disc and mailed it to the National Audit Office (NAO) was a relatively junior civil servant who had breached rules and would be subject …

[Continue Reading...]

HMRC breaches DPA

Alan Calder November 21, 2007 Data Breaches, Data Protection, ISO 27001, IT Security

While one swallow might not make a summer, multiple breaches of one particular law (Information Commissioner: “we are already investigating two other breaches”) do rather suggest that the organization concerned has little interest in compliance with it. Her Majesty’s Revenue …

[Continue Reading...]

BS25999 and ISO27001

Alan Calder October 16, 2007 ISO 20000, ISO 25999, ISO 27001, IT Security, PCI DSS

Once upon a time, there was only BS7799 for information security – now there are three parts to it, two of which have become internationalised (ISO27001) and are part of a series which has something like 20 numbers reserved for …

[Continue Reading...]