Horac Building an effective ISMS - Part 5: Statement of Applicability Overview After exploring risk assessment and risk treatment, we now focus on the Statement of Applicability (SOA), a critical document that serves as a cornerstone of any effective Information Securit... Sep 9, 2024
Horac Building an effective ISMS - Part 4: Risk Treatment Previously In our previous article on Risk Assessment, we explored the importance of identifying and analyzing risks to safeguard your organization and comply with ISO 27001 standards. Now, we advance... Sep 3, 2024
Horac Navigating DORA with Brainframe GRC With the Digital Operational Resilience Act (DORA) set to be enforced from January 17, 2025, financial firms across the European Union are racing against the clock to meet a crucial regulatory deadlin... Sep 3, 2024
Horac Building an effective ISMS - Part 3: Risk Assessment Previously In our last article , we identified and documented primary and support assets critical to achieving ISO 27001 certification. We explored how to map out essential components and understand t... Aug 28, 2024
Davy Cox Building an effective ISMS - Part 2: Asset identification Previously In our previous article , we explored how to lay a solid foundation for ISO 27001 certification, including strategizing and preparing essential documents . These steps are vital for creatin... Mar 30, 2024
Davy Cox Building an effective ISMS - Part 1: Setting the stage In the digital age, information is a critical asset for any company. Protecting this data is crucial, and implementing an ISMS and getting it certified (e.g. ISO27001) is a clear sign of an organizati... Mar 28, 2024
Davy Cox The Evolution of GRC in the Digital Age The Evolution of GRC in the Digital Age In today's dynamic business landscape, the convergence of technology and governance has led to a profound transformation in Governance, Risk, and Compliance (GR... Mar 26, 2024
Davy Cox Understanding the Fundamentals of GRC Management Understanding the Fundamentals of GRC Management In today's rapidly evolving business landscape, organisations encounter an array of challenges, spanning from regulatory compliance to managing operati... Mar 25, 2024
Davy Cox Helping communes comply with NIS2 In the face of rapidly evolving digital landscapes and strict regulatory pressures, European communes face the monumental task of establishing robust, efficient, and comprehensive governance, risk man... Jan 20, 2024
Davy Cox CORAL - Fit4CSA Start your Fit4CSA self-assessment now About the Project CORAL, which stands for cybersecurity Certification based On Risk evALuation and treatment , is a European Union-funded project under CEF Telec... Dec 27, 2023
Davy Cox Self-assessment of security ROI for SMBs As security professionals we often get the question: "What is the return on investment of security (and compliance)?". This is not an exact science, and of course fully depends on the value of your as... Nov 6, 2023
Davy Cox What you need to know about the EU's Digital Operational Resilience Act (DORA) What is DORA The Digital Operational Resilience Act (DORA) , is an initiative introduced by the European Parliament and the Council, set to become effective by 17 January 2025 . This regulation was co... Oct 8, 2023