Obtaining an ISO 27001 or BS 25999-2 certificate is not mandatory; however, most of the companies implementing either of these standards want to get certified – the main reason is that they want to achieve a marketing advantage.
ISO 27001 and ISO 9001 may seem like quite different standards, but when you take a closer look at both, you can find a lot of similarities.
While many business continuity methodologies have existed for more than 20 years, none of them have really managed to include business continuity in regular management duties – this is probably why BS 25999-2 is emerging more and more as a leading business continuity standard worldwide.
Although many people consider ISO 27001 a bureaucratic standard with no real benefits, the opposite is actually true – if it is implemented properly, not only will it enhance the marketing position of your organization, but it will also help you organize all information security activities in a clearly defined framework, and consequently decrease the level of risk.
Rapid7 and Modulo announced they are working together to deliver a holistic view of threat and vulnerability risk, correlated with broader regulatory, policy and compliance risk analysis.