Remove 2013 Remove Accreditation Remove All-Hazards
article thumbnail

ISO 27001 Certification Requirements & Standards

Reciprocity

Your primary reference points will be ISO/IEC 27001:2013, ISO/IEC 27002:2013, and ISO/IEC 27000:2018. Doing this right is critical because a scope that is too large will increase the project’s time and expense, and a scope that is too narrow may expose your firm to unanticipated hazards. Form a Project Team.

Audit 52
article thumbnail

IRM, ERM, and GRC: Is There a Difference?

Reciprocity

Are there differences at all? Not long ago, risk managers concerned themselves mainly with hazards such as fires and floods; or in the financial sector, loan defaults (credit risk). COSO’s ERM framework builds upon, and is intended to work with, the committee’s internal control framework issued in 1992 and updated in 2013.