Artwork

Inhalt bereitgestellt von Jim. Alle Podcast-Inhalte, einschließlich Episoden, Grafiken und Podcast-Beschreibungen, werden direkt von Jim oder seinem Podcast-Plattformpartner hochgeladen und bereitgestellt. Wenn Sie glauben, dass jemand Ihr urheberrechtlich geschütztes Werk ohne Ihre Erlaubnis nutzt, können Sie dem hier beschriebenen Verfahren folgen https://de.player.fm/legal.
Player FM - Podcast-App
Gehen Sie mit der App Player FM offline!

ISO/IEC TS 27008:2019 - Assessing Information Security Controls, Sampling Techniques - Clause 7.5

33:09
 
Teilen
 

Manage episode 418165443 series 3372790
Inhalt bereitgestellt von Jim. Alle Podcast-Inhalte, einschließlich Episoden, Grafiken und Podcast-Beschreibungen, werden direkt von Jim oder seinem Podcast-Plattformpartner hochgeladen und bereitgestellt. Wenn Sie glauben, dass jemand Ihr urheberrechtlich geschütztes Werk ohne Ihre Erlaubnis nutzt, können Sie dem hier beschriebenen Verfahren folgen https://de.player.fm/legal.

Howard and Jim chat about ISO/IEC TS 27008:2019 - Assessing Information Security Controls, Sampling Techniques - Clause 7.5.
POINTS DISCUSSED

  1. Introduction and Context
  2. The importance of neutrality and objectivity in selecting sample items for an audit.
  3. The criteria used to determine samples.
  4. The steps that should be taken after an audit to ensure effective communication of results and implementation of corrective actions.
  5. The implications when auditors focus on conformance rather than looking for nonconformance, and how this perspective shift impact the outcome of an audit.

LEARN MORE

Click here to try Conformance1's free online ISO 27001 Gap Checklist.
UPCOMING EPISODES
Howard and Jim continue to deep dive into ISO/IEC TS 27008:2019 - Process for Assessing Controls, Clause 8.1.
NEXT STEPS
Please follow us on your preferred podcast directory. We appreciate your likes & comments, and shares.
Click here to visit the SimplifyISO website to discover how our cloud-based management system will satisfy all the Standards requirements, client requirements, and any other requirements that you have to meet.
Click here to visit the International Management System Institute website, and learn about how and why you should consider becoming a Certified ISO Management System Professional.
Learn more about Jim on LinkedIn & YouTube
LinkedIn
LinkedIn Articles
YouTube
Book Recommendations:

Turn the Ship Around!: A True Story of Turning Followers into Leaders by L. David Marquet
The Checklist Manifesto: How to Get Things Right by Atul Gawande
Learn more about Howard
Click here to learn more about the Coaching and Podcast Services provided by Fox Coaching, inc.
Keywords
ISO, ISO 27008, Information Security Management Systems, Risk Management, Sampling Techniques, ISO Review Podcast, Jim Moran, Howard Fox
#ISO27001 #ISO27008 #InformationSecurityManagementSystems #RiskManagement #TSamplingTechniques #ISOReviewPodcast

  continue reading

50 Episoden

Artwork
iconTeilen
 
Manage episode 418165443 series 3372790
Inhalt bereitgestellt von Jim. Alle Podcast-Inhalte, einschließlich Episoden, Grafiken und Podcast-Beschreibungen, werden direkt von Jim oder seinem Podcast-Plattformpartner hochgeladen und bereitgestellt. Wenn Sie glauben, dass jemand Ihr urheberrechtlich geschütztes Werk ohne Ihre Erlaubnis nutzt, können Sie dem hier beschriebenen Verfahren folgen https://de.player.fm/legal.

Howard and Jim chat about ISO/IEC TS 27008:2019 - Assessing Information Security Controls, Sampling Techniques - Clause 7.5.
POINTS DISCUSSED

  1. Introduction and Context
  2. The importance of neutrality and objectivity in selecting sample items for an audit.
  3. The criteria used to determine samples.
  4. The steps that should be taken after an audit to ensure effective communication of results and implementation of corrective actions.
  5. The implications when auditors focus on conformance rather than looking for nonconformance, and how this perspective shift impact the outcome of an audit.

LEARN MORE

Click here to try Conformance1's free online ISO 27001 Gap Checklist.
UPCOMING EPISODES
Howard and Jim continue to deep dive into ISO/IEC TS 27008:2019 - Process for Assessing Controls, Clause 8.1.
NEXT STEPS
Please follow us on your preferred podcast directory. We appreciate your likes & comments, and shares.
Click here to visit the SimplifyISO website to discover how our cloud-based management system will satisfy all the Standards requirements, client requirements, and any other requirements that you have to meet.
Click here to visit the International Management System Institute website, and learn about how and why you should consider becoming a Certified ISO Management System Professional.
Learn more about Jim on LinkedIn & YouTube
LinkedIn
LinkedIn Articles
YouTube
Book Recommendations:

Turn the Ship Around!: A True Story of Turning Followers into Leaders by L. David Marquet
The Checklist Manifesto: How to Get Things Right by Atul Gawande
Learn more about Howard
Click here to learn more about the Coaching and Podcast Services provided by Fox Coaching, inc.
Keywords
ISO, ISO 27008, Information Security Management Systems, Risk Management, Sampling Techniques, ISO Review Podcast, Jim Moran, Howard Fox
#ISO27001 #ISO27008 #InformationSecurityManagementSystems #RiskManagement #TSamplingTechniques #ISOReviewPodcast

  continue reading

50 Episoden

Alle episoder

×
 
Loading …

Willkommen auf Player FM!

Player FM scannt gerade das Web nach Podcasts mit hoher Qualität, die du genießen kannst. Es ist die beste Podcast-App und funktioniert auf Android, iPhone und im Web. Melde dich an, um Abos geräteübergreifend zu synchronisieren.

 

Kurzanleitung