{tableName=glossary, name=ISO/IEC 27001 Penetration Testing, description=
ISO/IEC 27001 Penetration Testing is a type of security testing that is used to evaluate the security of an organization’s information systems and networks. It is designed to identify, analyze, and report on any vulnerabilities that may exist in an organization’s security infrastructure. The goal of penetration testing is to find, exploit, and help correct any weaknesses in the system before they can be exploited by malicious actors. During a penetration test, an ethical hacker attempts to gain access to an organization’s systems and networks, either by exploiting known vulnerabilities or by using social engineering tactics. The tester then documents and reports on the findings, including any potential risks and recommended countermeasures. The results of the penetration test are then used to develop a comprehensive security plan that can help protect the organization’s systems and data., topic=[{id=97620570500, createdAt=1673040885276, updatedAt=1716010651854, path='iso-27001', name='
ISO 27001 Guide: A Comprehensive Guide', 1='{type=string, value=ISO 27001}', 2='{type=string, value=This guide provides a comprehensive overview of the ISO 27001 standard, including the requirements, implementation, and certification. Learn how to ensure your organization's information security is up to date and compliant.}', 5='{type=string, value=
This guide provides an authoritative and detailed overview of the ISO/IEC 27001 standard, which defines the requirements for an Information Security Management System (ISMS) associated with information security, cybersecurity and privacy protection.
Learn about the purpose and scope of the standard, the key requirements for an ISMS, how to implement and maintain an ISMS, how to establish an effective security risk management program, how to develop and implement security policies, how to implement controls to protect information and services and how to audit and review systems to ensure they meet the requirements of the standard.
This guide is an essential resource for anyone looking to understand and implement ISO 27001.
}', 15='{type=list, value=[{id=97620570500, name='ISO 27001'}]}'}], hs_path=iso-iec-27001-penetration-testing}--
{tableName=glossary, name=ISO/IEC 27001 Back Up Policy, description=
ISO/IEC 27001 is an international standard for information security management that provides a framework for organizations to establish and maintain an effective information security management system (ISMS). It is designed to help organizations protect their information assets, including information stored in digital form, from unauthorized access, use, disclosure, disruption, modification, or destruction. The standard also outlines the requirements for information security policies, procedures, processes, and controls. A Back Up Policy is a set of procedures and processes that are put in place to ensure that all information assets are backed up in a secure and reliable manner. This policy should include the frequency of backups, the type of backups, the location of the backups, the media used for the backups, and the procedures for restoring the backups. The policy should also include the responsibilities of the personnel involved in the backup process and the procedures for testing the backups to ensure that they are recoverable. The standard is designed to help organizations protect their information assets from unauthorized access, use, disclosure, disruption, modification, or destruction., topic=[{id=97620570500, createdAt=1673040885276, updatedAt=1716010651854, path='iso-27001', name='
ISO 27001 Guide: A Comprehensive Guide', 1='{type=string, value=ISO 27001}', 2='{type=string, value=This guide provides a comprehensive overview of the ISO 27001 standard, including the requirements, implementation, and certification. Learn how to ensure your organization's information security is up to date and compliant.}', 5='{type=string, value=
This guide provides an authoritative and detailed overview of the ISO/IEC 27001 standard, which defines the requirements for an Information Security Management System (ISMS) associated with information security, cybersecurity and privacy protection.
Learn about the purpose and scope of the standard, the key requirements for an ISMS, how to implement and maintain an ISMS, how to establish an effective security risk management program, how to develop and implement security policies, how to implement controls to protect information and services and how to audit and review systems to ensure they meet the requirements of the standard.
This guide is an essential resource for anyone looking to understand and implement ISO 27001.
}', 15='{type=list, value=[{id=97620570500, name='ISO 27001'}]}'}], hs_path=iso-iec-27001-back-up-policy}--
{tableName=glossary, name=Prioritisation, description=
Prioritisation is the process of determining the order of importance or urgency of activities, tasks, and decisions. It involves assessing the relative worth of competing demands for attention and allocating resources accordingly. It is a key skill for effective time management, as it helps to ensure that the most important tasks are completed first, and that resources are allocated in the most efficient way. Prioritisation can also be used to help make decisions about which projects or initiatives should take precedence over others, and which tasks should be completed first., topic=null, hs_path=prioritisation}--
{tableName=glossary, name=ISO/IEC 27001:2017, description=
ISO/IEC 27001:2017 is an international standard that provides specifications and guidance for organizations to establish, maintain, and continually improve an information security management system (ISMS). It is designed to help organizations protect their information assets and prevent unauthorized access, disclosure, destruction, or loss of data. The standard is based on a risk management approach and provides a framework for organizations to identify, assess, and manage their information security risks. It also provides guidance on how to select and implement appropriate security controls to protect and secure information assets. Organizations that meet the requirements of ISO/IEC 27001:2017 can demonstrate to customers, suppliers, and other stakeholders that they have taken appropriate measures to protect their information assets., topic=[{id=97620570500, createdAt=1673040885276, updatedAt=1716010651854, path='iso-27001', name='
ISO 27001 Guide: A Comprehensive Guide', 1='{type=string, value=ISO 27001}', 2='{type=string, value=This guide provides a comprehensive overview of the ISO 27001 standard, including the requirements, implementation, and certification. Learn how to ensure your organization's information security is up to date and compliant.}', 5='{type=string, value=
This guide provides an authoritative and detailed overview of the ISO/IEC 27001 standard, which defines the requirements for an Information Security Management System (ISMS) associated with information security, cybersecurity and privacy protection.
Learn about the purpose and scope of the standard, the key requirements for an ISMS, how to implement and maintain an ISMS, how to establish an effective security risk management program, how to develop and implement security policies, how to implement controls to protect information and services and how to audit and review systems to ensure they meet the requirements of the standard.
This guide is an essential resource for anyone looking to understand and implement ISO 27001.
}', 15='{type=list, value=[{id=97620570500, name='ISO 27001'}]}'}], hs_path=iso-iec-iec-270012017}--
{tableName=guides, name=Critical Infrastructure, description=Discover our expert guide on Cyber GRC for critical infrastructure. Learn key frameworks, risk management, and compliance practices to protect vital systems from cyber threats., topic=[{id=167306711909, createdAt=1715639896212, updatedAt=1715708390844, path='critical-infrastructure', name='Cybersecurity risk and compliance for Critical Infrastructure', 1='{type=string, value=Critical Infrastructure}', 2='{type=string, value=Discover our expert guide on Cyber GRC for critical infrastructure. Learn key frameworks, risk management, and compliance practices to protect vital systems from cyber threats.}', 5='{type=string, value=This comprehensive guide delves into Cyber Governance, Risk, and Compliance (GRC) tailored for critical infrastructure sectors such as energy, healthcare, and transportation. Discover key components, best practices, and country-specific frameworks from Australia, the UK, and the US. Gain insights on risk assessment, incident response, and future trends to enhance your organization's cybersecurity resilience.}', 15='{type=list, value=[{id=167306711909, name='Critical Infrastructure'}]}'}], hs_path=critical-infrastructure}--
{tableName=glossary, name=Vendor Management Policy, description=
A Vendor Management Policy is a set of guidelines and procedures designed to ensure that vendors providing goods and services to an organization are properly managed. The policy outlines the expectations for vendors and the organization’s responsibilities for vendor management. It also provides guidance on how to select, assess, and monitor vendors to ensure successful outcomes. The policy outlines how to manage vendor relationships, how to address performance issues, and how to ensure that vendors meet contractual requirements and organizational standards. The policy should also include guidance on how to manage vendor contracts, how to handle confidential information, and how to ensure compliance with applicable laws and regulations., topic=[{id=97620570526, createdAt=1673040885440, updatedAt=1715624231354, path='vendor-risk-management', name='
Vendor Risk Management: A Guide to Best Practices', 1='{type=string, value=Vendor Risk Management}', 2='{type=string, value=
Vendor Risk Management Guide: Learn the fundamentals of vendor risk management and how to identify, assess, and mitigate risks associated with third-party vendors.}', 5='{type=string, value=This Vendor Risk Management Guide provides a comprehensive overview of the key components of vendor risk management. It covers the fundamentals of vendor risk management, including risk identification, assessment, and mitigation strategies. It also provides guidance on the development of a vendor risk management program, including the process for selecting, onboarding, and monitoring vendors. Additionally, this guide provides guidance on the use of technology to automate and streamline the vendor risk management process. Finally, this guide provides a number of best practices for managing vendor risk and ensuring compliance with applicable regulations. With this guide, organizations can create a comprehensive and effective vendor risk management program that ensures the safety of their data and systems.}', 15='{type=list, value=[{id=97620570526, name='Vendor Risk Management'}]}'}], hs_path=vendor-management-policy}--