Remove 2013 Remove Accreditation Remove Hazard
article thumbnail

ISO 27001 Certification Requirements & Standards

Reciprocity

Your primary reference points will be ISO/IEC 27001:2013, ISO/IEC 27002:2013, and ISO/IEC 27000:2018. Doing this right is critical because a scope that is too large will increase the project’s time and expense, and a scope that is too narrow may expose your firm to unanticipated hazards. Form a Project Team.

Audit 52
article thumbnail

IRM, ERM, and GRC: Is There a Difference?

Reciprocity

Not long ago, risk managers concerned themselves mainly with hazards such as fires and floods; or in the financial sector, loan defaults (credit risk). COSO’s ERM framework builds upon, and is intended to work with, the committee’s internal control framework issued in 1992 and updated in 2013. Are there differences at all?