Resources
Blog

Business Continuity Management Program BCM (part 2)

Tue, 09/17/2013
As a follow up to the Business Continuity Management program article, here is a more detailed description of the development and implementation phase objectives and content of the Business Continuity Plan (BCP) for major incidents. This plan is in fact a set of plans which is comprised of the following main components: Emergency action plan and damage assessment This is a...
Compliance

The ISO/IEC 27002 Standard

Sun, 09/15/2013
The ISO/IEC 27002 standard is part of a family of international standards (ISO 27000) for the management of information security. It includes the best industry practices to protect the availability, integrity and confidentiality of information. A risk assessment is initially necessary to identify priority controls to be implemented within a company in order to improve the...
Compliance
Blog

Supplementary guide to achieving PCI-DSS compliance cloud computing

Tue, 05/28/2013
Cloud computing services require special attention in regards to information security and privacy. This is especially important when using credit card data while cloud computing in order to meet PCI-DSS ("Payment Card Industry – Data Security Standard") standards. To this end, the SSC ("Standard Security Council") published a document entitled “Information Supplement: PCI DSS...
Cloud Security
Compliance
Blog

Secure information destruction

Tue, 04/09/2013
What is the value of the information stored on your computer equipment or paper documents? What would the impacts be if your personal or confidential information fell into the wrong hands (e.g. financial loss, loss of image / reputation, regulatory or legal non-compliance)? Can you be certain that a proper destruction method was used on the information (whether in digital or...
Data Privacy
Data Security
Security Awareness Training