Timestamps: 0:15 Speaking Introductions 1:08 ISO 27001 Background 6:05 ISO 27001 Framework Overview 8:20 Clauses 4-10 (ISMS) Overview 11:30 Overview of the 114 Controls (Annex A) 23:50 ISO 27001 Certification Process 33:25 Typical ISO 27001 Timeline 34:40 ISO 27001 Certification Tips and Common Questions 42:35 Free Resources and Contact Information Check out our ISO 27001 learning center here: risk3sixty.com/learn/iso-27001-understanding-the-basics/
The sad but most frequent Business objective = it was asked for in a sales questionnaire. In the US, a SOC2 type 1/2 report is a more valuable asset to get started with. 27001 certification for international needs.
@@leiko7405 SOC2 is about security controls. It's a confidential report that generates low level information about your environment. Type 1 report is just a snapshot of what the environment looks like and what controls are in place. Type 2 is a period of time to examine how effective those controls are. As for sales/client relationships you wouldnt hand out a SOC2 report; that's what SOC3 is for; which is the higher level overview and public facing audit type. Even in a close client relationship, it's unlikely SOC2 would be handed over. For learning more, just do a search here on youtube for SOC Audits, there's lots of detailed lectures about it since it's talked about in multiple certification programs.
@@DGPHolyHandgrenade Thank you so much for taking the time to educate me on this subject, I am trying to get into cyber security blue teaming, or analyst positions... its a lot to digest due to overwhelming information but now I completely understand the SOC levels, thank you once again!!
Timestamps:
0:15 Speaking Introductions
1:08 ISO 27001 Background
6:05 ISO 27001 Framework Overview
8:20 Clauses 4-10 (ISMS) Overview
11:30 Overview of the 114 Controls (Annex A)
23:50 ISO 27001 Certification Process
33:25 Typical ISO 27001 Timeline
34:40 ISO 27001 Certification Tips and Common Questions
42:35 Free Resources and Contact Information
Check out our ISO 27001 learning center here: risk3sixty.com/learn/iso-27001-understanding-the-basics/
Is there a way I can access the PowerPoint presentation?
Thank you for this it has helped me refresh. Will look at the other sections and subscribe
Pure gold. Thanks.
Highly informative content. Thumb up
Very good content. Thanks!
Very good introductory content
Very informative video. Thank you.
Very nice session with basic information. Will you be able to share the PPT?
The sad but most frequent Business objective = it was asked for in a sales questionnaire.
In the US, a SOC2 type 1/2 report is a more valuable asset to get started with. 27001 certification for international needs.
Do you know where one can learn properly about soc1/2 or are you willing to share your knowledge for example purposes :)?
@@leiko7405 SOC2 is about security controls. It's a confidential report that generates low level information about your environment. Type 1 report is just a snapshot of what the environment looks like and what controls are in place. Type 2 is a period of time to examine how effective those controls are. As for sales/client relationships you wouldnt hand out a SOC2 report; that's what SOC3 is for; which is the higher level overview and public facing audit type. Even in a close client relationship, it's unlikely SOC2 would be handed over.
For learning more, just do a search here on youtube for SOC Audits, there's lots of detailed lectures about it since it's talked about in multiple certification programs.
@@DGPHolyHandgrenade Thank you so much for taking the time to educate me on this subject, I am trying to get into cyber security blue teaming, or analyst positions... its a lot to digest due to overwhelming information but now I completely understand the SOC levels, thank you once again!!
how do you add other business units to the company isms?
Do y’all recommend me getting it? I’m a beginner with no experience but I’m working on COMPTIA Security+
I am from commerce background with no IT experience and thinking to proceed with iso 27001. Can it give me good opportunity?
The only one in the US is ANAB.. or so I thought?
This is great! The link to the whitepaper is dead. Can you please share a fresh link? thanks
Superb 101 on 27k01 and 02
Where do we take the Certified ISO/IEC 27001 Foundation exam?
Check out IT Governance
Uh…Uh…Uh…Uh…Uh…Uh