Obtaining an ISO 27001 or BS 25999-2 certificate is not mandatory; however, most of the companies implementing either of these standards want to get certified – the main reason is that they want to achieve a marketing advantage.
ISO 27001 and ISO 9001 may seem like quite different standards, but when you take a closer look at both, you can find a lot of similarities.
While many business continuity methodologies have existed for more than 20 years, none of them have really managed to include business continuity in regular management duties – this is probably why BS 25999-2 is emerging more and more as a leading business continuity standard worldwide.
Rapid7 and Modulo announced they are working together to deliver a holistic view of threat and vulnerability risk, correlated with broader regulatory, policy and compliance risk analysis.
Lots of companies implementing ISO 27001 struggle with how to implement the requirements from Annex A.14 – Business continuity management.