The InfoSec Insider podcast brings you weekly interviews with practicing senior consultants, who draw upon their extensive experience to provide detailed and practical guidance on all things information and cyber security, data protection compliance, risk management, and more. In each episode, one of our experts takes a deep-dive into a particular aspect of their area of specialism, whether that be certifying to ISO 27001, outlining some top tips for GDPR compliance, making the case for alternative approaches to pen testing, or discussing how to conduct an effective business impact analysis (BIA). Enhance your understanding and professional skillset with the InfoSec Insider podcast, brought to you by URM, the UK’s leading provider of cyber security and governance, risk management and compliance consultancy.
All content for InfoSec Insider is the property of URM Consulting and is served directly from their servers
with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.
The InfoSec Insider podcast brings you weekly interviews with practicing senior consultants, who draw upon their extensive experience to provide detailed and practical guidance on all things information and cyber security, data protection compliance, risk management, and more. In each episode, one of our experts takes a deep-dive into a particular aspect of their area of specialism, whether that be certifying to ISO 27001, outlining some top tips for GDPR compliance, making the case for alternative approaches to pen testing, or discussing how to conduct an effective business impact analysis (BIA). Enhance your understanding and professional skillset with the InfoSec Insider podcast, brought to you by URM, the UK’s leading provider of cyber security and governance, risk management and compliance consultancy.
In this episode of InfoSec Insider, Wayne Armstrong, Senior Consultant at URM, provides his insights on the 34 technological controls in Annex A of ISO 27001 and how these can be implemented by organisations looking to conform or certify to the Standard. Wayne leverages his 30+ years of experience in information security and risk management to discuss:
What the technological controls in ISO 27001 are designed to achieve
How you can go about selecting the most appropriate technological controls for your organisation
How the guidance contained in ISO 27002, the supplementary standard to ISO 27001, can help your organisation meet the Standard’s requirements in relation to technological controls
The constraints that may prevent your organisation from implementing certain controls, and how these can be overcome
The importance of balancing security and operational effectiveness and efficiency.
Learn more about this topic: https://www.urmconsulting.com/blog/implementing-technological-controls-in-iso-27001
If you enjoyed this episode of InfoSec Insider, you can leave us a rating and review here: https://ratethispodcast.com/infosecinsider
You can find more episodes of InfoSec Insider here: https://urmconsulting.com/podcasts
Brought to you by URM, the UK’s leading information and cyber security specialists.
InfoSec Insider
The InfoSec Insider podcast brings you weekly interviews with practicing senior consultants, who draw upon their extensive experience to provide detailed and practical guidance on all things information and cyber security, data protection compliance, risk management, and more. In each episode, one of our experts takes a deep-dive into a particular aspect of their area of specialism, whether that be certifying to ISO 27001, outlining some top tips for GDPR compliance, making the case for alternative approaches to pen testing, or discussing how to conduct an effective business impact analysis (BIA). Enhance your understanding and professional skillset with the InfoSec Insider podcast, brought to you by URM, the UK’s leading provider of cyber security and governance, risk management and compliance consultancy.
