ISO 27000 nit #3. I had to stare at this for several minutes to try to figure out what "enhancing societal values" was doing in this list. IMO the meaning of all the other list items is clear, but that one's clear as mud. I _think_ what they're trying to get at is improving the security culture within the organization being managed, but honestly, that's just a guess, I'm not even certain that's what they mean.
#infosec #compliance #ISO #ISO27000 #standards #isms
ISO 27000 nit #2: The definition of "risk" provided here, "effect of uncertainty on objectives," is dumb, obscure, unhelpful, bureaucratic gobbledygook. It in no way resembles the dictionary definition of risk, which much more closely approximates what I think of when I use the word risk or see it used in an information security concept. I am challenged to understand why they chose this nonsense definition and what they hope to achieve by it.
#infosec #compliance #ISO #ISO27000 #standards #isms
I am reviewing ISO 27000, as one does for shits and giggles, and I am curious about the motivation behind making "interested party" the preferred term while "stakeholder" is allowed but not preferred.
In the contexts in which I see stakeholder used, I believe it is a more accurate term than "interested party." Preferring the latter term IMO obfuscates meaning rather than clarifying it.
#infosec #compliance #ISO #ISO27000 #standards #isms

Phishers can combine two attack methods to create really misleading links. Firefox is the only browser that at least partially protects against this. We explain the problem and describe what should be done about it.

https://nikkasystems.com/2023/05/22/webblasare-tillater-uppenbar-natfiskemetod/

#blisäker #nätfiske #phishing #chrome #firefox #edge #safari #cisv8 #iso27000

Browsers allow obvious phishing method – Nikka Systems

I #crochet lapghans while watching #compliance webinars about how much #ISO27000 2022 is going to be a nightmare for me!
Half-a-dozen learning points from a '27001 certification announcement - This morning I bumped into a marketing/promotional piece announcing PageProof’s ce... http://blog.noticebored.com/2022/07/half-dozen-learning-points-from-27001.html #confidentiality #availability #bestpractice #compliance #governance #assurance #integrity #iso27000 #strategy #infosec #metrics #impact
6 lessons from PageProof's ISO/IEC 27001 certification

Risk management trumps checklist security - While arguably better than nothing at all, an unstructured approach to the manage... http://blog.noticebored.com/2022/07/risk-management-trumps-checklist.html #bestpractice #compliance #governance #iso27000 #infosec #risk
Explains the advantages of ISO27k's risk-driven approach over checklist security