The InfoSec Insider podcast brings you weekly interviews with practicing senior consultants, who draw upon their extensive experience to provide detailed and practical guidance on all things information and cyber security, data protection compliance, risk management, and more. In each episode, one of our experts takes a deep-dive into a particular aspect of their area of specialism, whether that be certifying to ISO 27001, outlining some top tips for GDPR compliance, making the case for alternative approaches to pen testing, or discussing how to conduct an effective business impact analysis (BIA). Enhance your understanding and professional skillset with the InfoSec Insider podcast, brought to you by URM, the UK’s leading provider of cyber security and governance, risk management and compliance consultancy.
All content for InfoSec Insider is the property of URM Consulting and is served directly from their servers
with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.
The InfoSec Insider podcast brings you weekly interviews with practicing senior consultants, who draw upon their extensive experience to provide detailed and practical guidance on all things information and cyber security, data protection compliance, risk management, and more. In each episode, one of our experts takes a deep-dive into a particular aspect of their area of specialism, whether that be certifying to ISO 27001, outlining some top tips for GDPR compliance, making the case for alternative approaches to pen testing, or discussing how to conduct an effective business impact analysis (BIA). Enhance your understanding and professional skillset with the InfoSec Insider podcast, brought to you by URM, the UK’s leading provider of cyber security and governance, risk management and compliance consultancy.
In this episode of InfoSec Insider, Wayne Armstrong, Senior Consultant at URM, breaks down the 5 supplier management-related controls in the ‘Organisational’ control theme of ISO 27001’s Annex A. Wayne draws upon 30+ of experience with information security to discuss:
Why your organisation should consider supplier management as part of information security
What each of the following 5 controls cover and how to implement them:
A5.19 – Information security in supplier relationships
A5.20 – Addressing information security within supplier relationships
A5.21 – Managing information security in the ICT supply chain
A5.22 – Monitoring, review and change management of supplier services
A5.23 – Information security for use of cloud services.
Learn more about this topic: https://www.urmconsulting.com/blog/iso-27001-2022-a-5-organisational-controls-supplier-management
If you enjoyed this episode of InfoSec Insider, you can leave us a rating and review here: https://ratethispodcast.com/infosecinsider
You can find more episodes of InfoSec Insider here: https://urmconsulting.com/podcasts
Brought to you by URM, the UK’s leading information and cyber security specialists.
InfoSec Insider
The InfoSec Insider podcast brings you weekly interviews with practicing senior consultants, who draw upon their extensive experience to provide detailed and practical guidance on all things information and cyber security, data protection compliance, risk management, and more. In each episode, one of our experts takes a deep-dive into a particular aspect of their area of specialism, whether that be certifying to ISO 27001, outlining some top tips for GDPR compliance, making the case for alternative approaches to pen testing, or discussing how to conduct an effective business impact analysis (BIA). Enhance your understanding and professional skillset with the InfoSec Insider podcast, brought to you by URM, the UK’s leading provider of cyber security and governance, risk management and compliance consultancy.
