ISO 27701 and Conformance with Privacy Information Management (Part 1)

Jan 26, 2023 Lazarus Alliance 0 Comment

Consultant presenting ISO 27701 audit findings to enhance data privacy compliance.

Private security standards like those from the International Organization for Standardization (ISO) generally seek some alignment with major regulations so that certified organizations can effectively adapt to new and rigorous standards. Accordingly, the ISO 27701 standard seeks to refine the standard ISO cybersecurity certifications to match evolving security laws in jurisdictions like the EU.

In this article, the first of three parts, we will look at ISO 27701, how it impacts ISO 27001 controls, and how certified organizations will deploy their Information Security Management Systems.

What Is ISO 27018 and How Does it Apply to Cloud Providers?

Jan 19, 2023 Lazarus Alliance 0 Comment

Lazarus Alliance Cybervisor team evaluating ISO/IEC 27018 data protection standards.

ISO/IEC 27018 establishes commonly accepted control objectives to protect Personally Identifiable Information (PII) in line with the privacy principles in ISO/IEC 29100 for cloud providers offering public infrastructure and services. It is a critical document for these providers seeking to instill the trustworthiness of their systems in their customers and clients. Learn more about ISO 27018 and what it takes to get your cloud infrastructure up to speed.

What Is the Information Security Risk Management Process of ISO 27005?

Jan 12, 2023 Lazarus Alliance 0 Comment

Expert consultant reviewing ISO 27005 risk assessment processes during a Lazarus Alliance audit.

Businesses undergoing ISO certification are probably aware of the 27000 series and its focus on comprehensive cybersecurity. What many organizations don’t know, however, is that the series itself provides guidelines for risk managers to better implement Information Security Management Systems (the core process of ISO 27001) following best risk management practices.