Security policies of ISO 27001 start with a template in the Azure portal.

How security policies help you stay compliant and gain ISO 27001 certification

October 25, 2024

Processes require policies

Anyone who wants to achieve goals must look at strategy and planning. It's the same with security management. Anyone who wants to stay secure or achieve ISO certification must meet a number of standards around processes, and that takes both technology and policy. We wrote more about this in "ISO 27001/9001 - Roadmap to Modern Service Management for the Azure Cloud".

The previous blogs on MFA, the secure score and monitoring with Azure Sentinel, among others, all contribute to the technical checklist for ISO. The majority of our customers are ISO certified, so it is important for them to keep developing in order to maintain this certification. You can read more about the results in our customer cases. What can such a process look like, and which checkboxes do you have to go through? Think of a reassessment through an ISO audit, descriptions of processes, access control, policy on system rights, and a manual on how to act in case of incidents.

Templates ISO & security Azure portal

There are plenty of checklists for ISO on the Internet. We have chosen to share with you the technical checklist to help you bridge the gap between business and IT.  

Tip from Marco: 9001 mainly contains rules around processes and reporting on exceptions. 27001 is mostly about data protection, think GDPR, access to workspaces and systems. While you're at it: get them both in order. 27001 is not a logical sequel, but a must!

'Old' in a new look? - security.txt  

Recently, security.co.uk published a post calling on organizations to make a security.txt file available on their website. Security.txt is a file in which organizations and websites list their policies for dealing with security vulnerabilities. Security researchers can use this information to contact the appropriate department or person within the organization directly about vulnerabilities they have found. Tweakers also gave it due attention: "Digital Trust Center begins campaign to implement security.txt" (Tweakers, Computer News).
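A check you can run before publishing the file, as an added example that is not part of the original post or our own tooling: it validates an unsigned security.txt body against the field rules of RFC 9116 (Contact and Expires required, URI values, https for web links, no stale Expires date). The function name and the sample file are constructed for illustration.

```python
from datetime import datetime, timezone
from urllib.parse import urlsplit

# Fields defined in RFC 9116 whose values must be URIs.
URI_FIELDS = ("contact", "encryption", "acknowledgments",
              "canonical", "policy", "hiring")

SAMPLE = """\
# Constructed sample with three defects
Contact: security@example.com
Policy: http://example.com/disclosure
Expires: 2020-01-01T00:00:00Z
"""

def check_security_txt(text, now=None):
    """Return a list of problems in an unsigned security.txt body."""
    now = now or datetime.now(timezone.utc)
    fields, problems = {}, []
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):      # blank line or comment
            continue
        name, sep, value = line.partition(":")
        if not sep or not value.strip():
            problems.append(f"line {n}: not a 'Field: value' pair")
            continue
        # Names are case-insensitive; unknown fields are kept but not checked.
        fields.setdefault(name.strip().lower(), []).append(value.strip())
    for name in ("contact", "expires"):
        if name not in fields:
            problems.append(f"{name}: required field is missing")
    for name in ("expires", "preferred-languages"):
        if len(fields.get(name, [])) > 1:
            problems.append(f"{name}: must appear only once")
    for name in URI_FIELDS:
        for value in fields.get(name, []):
            scheme = urlsplit(value).scheme
            if not scheme:        # e.g. a bare e-mail address without mailto:
                problems.append(f"{name}: value is not a URI: {value}")
            elif scheme == "http":
                problems.append(f"{name}: web URI must use https: {value}")
    for value in fields.get("expires", [])[:1]:
        try:
            expires = datetime.fromisoformat(value.upper().replace("Z", "+00:00"))
            if expires <= now:    # TypeError when the UTC offset is missing
                problems.append("expires: date has passed, file is stale")
        except (ValueError, TypeError):
            problems.append(f"expires: not an RFC 3339 date-time: {value}")
    return problems
```

Running it in a deployment pipeline catches the most common operational failure: an Expires date that has passed, after which researchers should no longer trust the contact details.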

Have you read and implemented it yet? We did it this way.