{tableName=glossary, name=ISO/IEC /IEC 27001 Foundation, description=
ISO/IEC 27001 Foundation is an international standard for Information Security Management Systems (ISMS) which provides the framework for organizations to establish, implement, maintain and continually improve an effective ISMS. It helps organizations to identify, assess and manage the risks associated with the use, storage, transmission and disposal of information. It also helps organizations to ensure that the confidentiality, integrity and availability of information is maintained. The standard covers the requirements for an ISMS, including the establishment of policies and procedures, the implementation of controls, and the monitoring of performance. It also provides guidance on how to develop an ISMS and how to assess the effectiveness of the system. The standard is applicable to all types of organizations, regardless of size, nature or sector., topic=[{id=97620570500, createdAt=1673040885276, updatedAt=1684824913644, path='iso-27001', name='
ISO 27001 Guide: A Comprehensive Guide', 1='{type=string, value=ISO 27001}', 2='{type=string, value=This guide provides a comprehensive overview of the ISO 27001 standard, including the requirements, implementation, and certification. Learn how to ensure your organization's information security is up to date and compliant.}', 5='{type=string, value=
This guide provides an authoritative and detailed overview of the ISO/IEC 27001 standard, which defines the requirements for an Information Security Management Systems (ISMS) associated with information security, cybersecurity and privacy protection.
Learn about the purpose and scope of the standard, the key requirements for an ISMS, how to implement and maintain an ISMS, how to establish an effective security risk management program, how to develop and implement security policies, how to implement controls to protect information and services and how to audit and review systems to ensure they meet the requirements of the standard.
This guide is an essential resource for anyone looking to understand and implement ISO 27001.
}', 15='{type=list, value=[{id=97620570500, name='ISO 27001'}]}'}], hs_path=iso-iec-iec-27001-foundation}--
{tableName=glossary, name=Incident management, description=
Incident management is the process of managing the lifecycle of all incidents that occur within an organization. This process includes the identification, triage, investigation, resolution, and closure of each incident. It also includes the communication of the incident to all stakeholders, and the monitoring of the incident to ensure it is being addressed in a timely and effective manner. Incident management is a critical component of an organization's overall risk management strategy, as it helps to ensure that incidents are addressed quickly and effectively, and that any risks associated with the incident are minimized., topic=null, hs_path=incident-management}--
{tableName=comparison, name=ASD Essential 8 vs ISO 27001, description=ASD Essential 8 is an Australian Government cybersecurity framework that provides guidance on how to protect government systems from cyber threats. , topic=[{id=97620570506, createdAt=1673040885315, updatedAt=1715624279165, path='asd-essential-8', name='
ASD Essential 8 Guide: A Comprehensive Overview', 1='{type=string, value=ASD Essential 8}', 2='{type=string, value=
This guide provides an overview of the ASD Essential 8 - 8 evidence-based strategies to help improve the outcomes of children with Autism Spectrum Disorder. Learn how to identify and implement these strategies to help}', 5='{type=string, value=This authoritative guide provides an in-depth look at the ASD Essential 8 (E8), a set of eight measures developed by the Australian Signals Directorate (ASD) to protect organizations from cyber threats. It explores whether the ASD Essential 8 are mandatory or not for your organisations and covers the fundamentals of each of the eight measures, including the maturity levels, how to perform an assessment and implementation guidenace.}', 15='{type=list, value=[{id=97620570506, name='ASD Essential 8'}]}'}], hs_path=asd-essential-8-vs-iso-27001}--
{tableName=glossary, name=Australian Prudential Regulation Authority (APRA), description=
The Australian Prudential Regulation Authority (APRA) is an independent statutory authority of the Australian Government that was established in 1998 to oversee the prudential supervision of financial institutions in Australia. It is responsible for the regulation and supervision of banks, credit unions, building societies, insurance companies, friendly societies, superannuation funds, and other financial institutions. It does this by setting and enforcing prudential standards, monitoring and assessing compliance with those standards, and taking corrective action when necessary. APRA's primary objective is to protect the interests of depositors, policyholders, and superannuation fund members by ensuring the financial soundness and stability of the financial institutions it regulates. To achieve this, APRA works to promote the safety and soundness of the institutions it regulates, and to ensure that they are well managed and operate in accordance with prudent standards. APRA also works to ensure that the financial services industry operates in an efficient, fair and transparent manner, and to promote the orderly and fair functioning of financial markets., topic=null, hs_path=australian-prudential-regulation-authority-apra}--
{tableName=glossary, name=GDPR Compliance, description=
GDPR Compliance is the process of adhering to the European Union’s General Data Protection Regulation (GDPR) which was passed on May 25, 2018. This regulation is designed to protect the privacy of EU citizens, by requiring organizations to protect the personal data and privacy of EU citizens for transactions that occur within EU member states. GDPR Compliance requires organizations to be transparent in how they collect, use, store, and transfer personal data, as well as how they respond to data breaches. Organizations must also provide individuals with the right to access, rectify, and delete their personal data. Additionally, organizations must obtain explicit consent from individuals before processing their personal data, and must notify individuals of any data breaches within 72 hours. GDPR Compliance also requires organizations to implement appropriate technical and organizational measures to protect personal data, such as encryption and pseudonymization. By adhering to GDPR regulations, organizations can ensure that they are protecting the privacy of EU citizens and complying with the law., topic=null, hs_path=gdpr-compliance}--
{tableName=comparison, name=NIST SP 800-53 vs PCI-DSS, description=NIST SP 800-53 and PCI-DSS are two of the most widely used security standards for organizations. Learn about the differences between the two., topic=[{id=97620570515, createdAt=1673040885373, updatedAt=1715624498921, path='nist-sp-800-53', name='
NIST SP 800-53 Security Guide: Protect Your Data', 1='{type=string, value=NIST SP 800-53}', 2='{type=string, value=
This guide provides a comprehensive overview of NIST SP 800-53, a security and privacy control framework for federal information systems and organizations. Learn how to protect your data and comply with NIST}', 5='{type=string, value=This authoritative guide is based on the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53, which provides guidance for federal agencies on selecting, implementing, and managing information security controls. The guide covers a wide range of topics, including risk assessment, security control selection, security control implementation, and security control monitoring. It also provides detailed information on the security controls that should be implemented in the organization, as well as guidance on how to assess and monitor the effectiveness of those controls. Additionally, the guide provides detailed information on the Federal Information Security Management Act (FISMA) and its requirements for information security. The guide is intended to help organizations ensure that their information systems are secure and compliant with applicable laws and regulations.}', 15='{type=list, value=[{id=97620570515, name='NIST SP 800-53'}]}'}], hs_path=nist-sp-800-53-vs-pci-dss}--
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76