ISO 9001:2015 – The likely impact (Part III)

What ‘documented information’ is required by ISO 9001:2015? An Executive Summary could read as follows… ISO 9001:2015 will probably merge documents and records under the term ‘€œdocumented information’€ and there will be no mandatory quality manual, procedures or quality records. These significant changes may lead to much greater flexibility in how information is managed within […]

Cyber Essentials: Why your organisation should ‘Get Badged’! – Part V

Part V:  Requirements 4. Malware protection, and 5. Patch management Malware protection software is a necessary cyber security requirement. We all have knowledge of malware threats in one form or another and experience teaches us to be wary of certain links and email attachments. Cyber Essentials starts with the assumption that computers connected to the […]

Cyber Essentials: Why your organisation should ‘Get Badged’! – Part IV

Requirement 2. Secure configuration, and 3. User access control The second Cyber Essentials Requirement references ‘secure configuration’. At this point, I am reminded of The Security Configuration Benchmarks that are distributed free of charge to propagate their worldwide use and adoption as user-originated, de facto standards. The CIS Benchmarks are described as “consensus-based, best-practice security […]