Experts Talk

An ISO/IEC 27001 audit verifies if your organization’s management system complies with standards and assesses the adequacy of risk management measures.An ISO/IEC 27001 audit verifies if your organization’s management system complies with standards and assesses the adequacy of risk management measures.

Explore ISO 13485:2016 challenges through the expertise of Danny Kroo. Learn about common misinterpretations for improved quality management.

Today’s highly competitive business world requires organizations to continuously differentiate themselves, increase operational effectiveness, and demonstrate their dedication to quality. One effective strategy that has gained global recognition is ISO certification.

ISO/IEC 27001, a globally recognized standard for establishing, implementing, maintaining, and continually improving an Information Security Management System (ISMS), provides a framework for safeguarding information and ensuring its integrity, confidentiality, and availability.

Almost two decades since the advent of public cloud services, cloud computing continues to be a foundational building block that drives enterprise digital transformations and accelerates the delivery of new features to users.

When competing for excellence and differentiation in the market, one powerful way for organizations to demonstrate their commitment to quality, reliability, and conformance with industry standards is by obtaining an ISO-accredited certification.

Organizations that have achieved ISO certification understand the significance of maintaining high standards in quality, efficiency, and customer satisfaction.

This Q&A Session covers the most frequently asked questions about CSA STAR Certification. By obtaining the CSA STAR Certification, Cloud Service Providers (CSPs) show to their clients that they are using best practices to protect data in cloud applications.

ISO management system third-party auditors hold a very essential role as they are responsible for evaluating if an organization’s management system is in conformance with the requirements of a specific ISO standard.

This Q&A Session covers the most frequently asked questions about ISO 20121 Event Sustainability Management. It can be adapted to events of all sizes and types. The ISO 20121 certification will prove that your company is operating effectively and puts sustainability first when managing and delivering your events.

ISO management system third-party auditors hold a very essential role as they are responsible for evaluating if an organization’s management system is in conformance with the requirements of a specific ISO standard.

Integrated management systems make it simpler for organizations to manage the multiple management systems that they have in place. This saves organizations from having duplicate processes.

ISO standards are updated every few years to better fit every organization’s needs. With the rise and advancement of cyber threats and malware, there was a need to update the ISO/IEC 27001:2013 as well.

Cloud Security Alliance (CSA) STAR Certification is a strong tool to help cloud service providers evaluate and improve their cybersecurity controls while certifying against a well-respected industry framework that was designed specifically for cloud computing, the Cloud Controls Matrix (CCM).

Organizations that want to create a culture that is focused on continual improvement seek to implement best practices in their management systems.

The task of protecting a company’s data against hacking and data breaches is becoming more and more complicated, demanding the use of several systems, technologies, and personnel. Everything can come to naught if the entire system is not successfully regulated to provide transparency over what functions well and what does not…

This Q&A Session covers the most frequently asked questions about ISO 9001. This standard is suitable for all organizations. Adopting an efficient Quality Management System based on ISO 9001 will help organizations save time and cost, improve their efficiency, and improve their customer relationships.

Every day the world becomes more technological and with this rapid development of technology, there is no doubt that the protection of information is a must.

Building security and data protection into the DNA of an organization’s management system and operations is very important considering the intensive use of cloud computing by all organizations nowadays.

The dynamic environment that we are living in has enabled companies to bloom and develop, however, these developments have created an impact on the environment, from which, as far as we can see, the environment has not been blooming as well. On the contrary, the environment has become so fragile that it needs protection.

This Q&A Session covers the most frequently asked questions about ISO 22301, a standard that has been developed to protect companies against threats, reduce the likelihood of, and ensure organization’s business recovers from disruptive incidents. It is applicable to any type of organization, regardless of its size, type or nature. ISO 22301 helps organizations to develop and maintain a best practice approach to respond effectively to any disruption, by implementing continuous improvement tools and techniques.

Being the most certifiable management system standard (over 900.000 issued certificates worldwide), it speaks much to the importance that the ISO 9001 Quality Management System (QMS) certification has in businesses all over the world.

The life of a Business Continuity Planning (BCP) professional is not always smooth sailing. Staff across an organisation tend to be all too busy helping the business ‘make money’ and, unless an immediate trigger like a real disaster event occurs, they do not even think about all the things that could go wrong.

Every day, cybercriminals are finding new and more advanced ways to get access to electronic data stored on a computer or a network. The COVID-19 pandemic, hybrid-working, technology updates, and other changes in business operation, have made it easier for cybercriminals to tackle the vulnerabilities of systems and attack them.

Sustainability is simply the risk-based forward strategic thinking where we plan on meeting the needs of the present without affecting the ability of future generations to meet their own needs. Three main themes have always been the focus of sustainability: people (social interaction), planet (solar energy, biodiversity and nutrient cycling) and economic profits.

This Q&A Session covers the most frequently asked questions about ISO 14001, a standard that sets out the criteria for an Environmental Management Systems (EMS).

This session covers the most frequently asked questions about ISO/IEC 20000-1:2018, a standard which specifies requirements for the service provider to plan, establish, implement, operate, monitor, review, maintain, and improve an Service Management System.

In line with ISO 19011:2018 i.e. (guidelines for auditing management systems), audit evidence normally would be evaluated against audit criteria in order to determine audit findings. Broadly speaking, audit findings can be graded as either a conformity or nonconformity.

Even 6 years after the publication of the GDPR and 4 years after it is activation, many companies in various sectors do not succeed to get the data protection basics right, let alone they get their enterprise information security under control.

The purpose of the ISO/IEC 27701 requirements is to incorporate the protection of Privacy Information in a client’s Management System. Within the past few years, many countries and states have implemented legislation and guidelines to protect the privacy of personal information.

This article highlights the benefits of the integration that the new ISO 37301 standard together with the ISO 37001 standard have to organizations.

As I write this, the world is experiencing a pandemic of unprecedented magnitude since the Spanish flu of the early 20th century. Worldwide, there are millions of infections and hundreds of thousands of deaths.

ISO 37001 originated as the result of a meeting held in London in June 2013 and had its scope and title approved by the ISO Technical Management Board, in September 2013.

MSECB is continually making efforts to improve its service to clients. One of these improvements is to ensure that only subject matter expert auditors conduct certification audits for the various ISO standards.

Changes in customer behavior, needs, and expectations are indeed inevitable. Unfortunately, many organisations worldwide are not prepared and do not effectively plan to take action to address future needs. Future is relative, today was yesterday’s future, so understanding future needs and setting up processes to meet such needs is of paramount importance.

ISO/IEC 27001 helps organizations of any size to have processes that ensure confidentiality, integrity and availability of the information collected during the company’s operation.

The medical devices Quality Management System, commonly known as ISO 13485:2016, is the reference standard for the Medical Devices industry, developed and published as the third edition by International Organization for Standardization (ISO).

This article presents an overview of the challenges that accompany the design and development of Medical Devices in accordance with the legal and regulatory laws and ISO management system standards.

This session covers the most frequently asked questions about the ISO 13485:2016 standard. ISO 13485 is designed to be used by any organization that is involved in the design, production, installation and servicing of medical devices and related services.

Fresh out of college with a world of career opportunities and experiences in front of you can be stressful, scary and challenging, but it is unquestionably worth exploring. By knowing your strengths, previous experiences and hobbies you will have a better vision to what career path you want to pursue

While there are many definitions that explain sustainability, it is undoubtedly safe to say that being sustainable means to try meeting our needs without compromising the ability of future generations to meet their own needs (United Nations Brundtland Commission, 1987).

With information security breaches, now the new normal, security teams are compelled to take dedicated measures to reduce the risk of suffering a damaging breach.

Many organizations over the years have leveraged ISO/IEC 27001:2013 and ISO/IEC 27002:2013 for the establishment of their Information Security Management System (ISMS).

The implementation of an Information Security Management System (ISMS) is a combination of requirements based on security objectives.