


Welcome to the ISO Review Podcast! In this year-end episode, hosts Howard Fox and ISO Management System professional Jim Moran dive into the guiding principles of ISO 27008, focusing on clause 8—the heart of assessing controls for information security.
This episode explores the importance of thorough preparations and tailored planning for control assessments, drawing on real-world experience and highlighting the necessity of clear communication, risk-based thinking, and evidence-based decision making. Whether you’re new to ISO 27008 or refining your organization’s approach, you’ll find actionable insights on preparing your team, setting objectives, and understanding the scope and criteria of your audit—all crucial for building confidence in your results.
DISCUSSION
00:00 ISO Review Podcast Highlights
05:08 Preparing for Effective Audits
09:45 Audit Preparation and Planning Tips
12:43 Risk Management and Standards Compliance
14:33 Focused Audit and Control Reviews
22:03 Information as an Asset
24:34 Flexible Review Process Extension
30:12 Management Review and Documentation
31:25 Purposeful, Clear, Evidence-Based Reviews
NEXT STEPS
We appreciate your likes, comments, and shares. Click here to visit the SimplifyISO website. Click here to visit the International Management System Institute website and learn how to become a Certified ISO Management System Professional.
Conformance1's free online Gap Checklists:
ISO 9001 - https://conformance1.com/iso9001-gap-assessment-register/
ISO 27001 - https://conformance1.com/iso-27001-gap-checklist-dashboard/
Learn more about Jim on LinkedIn & YouTube.
Learn about Howard's Coaching and Podcast Services on his website at https://foxcoaching.com or on LinkedIn at https://www.linkedin.com/in/foxcoachinginc/
KEYWORDS
ISO 27008, Information Security Controls, Information Security Management System, ISO Review Podcast, SimplifyISO, Podcast
#ISO27008 #InformationSecurityControls #InformationSecurityManagementSystem #ISOReviewPodcast #SimplifyISO #Podcast
By Jim