Protocol Policy Newletters

November 10, 2022

Adapting policies to reflect the new guidance in ISO27002:2022

The release of a new version of the 27002 standard by ISO has introduced a number of changes from its predecessor, the 2013 version, as covered in our August and September newsletters. On 16th November, Protocol Policy Systems will make a new mapping option for the ISO27002:2022 version available to existing and new customers of Policy Management as a Service (PMaaS).

October 05, 2022

Demonstrating your data protection compliance

Having clear, consistent and risk-appropriate policies in place to manage data security can help you comply with your legal obligations and create positive, organisation-wide change. Most people tasked with data protection responsibilities will already be familiar with the Accountability Framework as a guide to safeguarding customer data. The Information Commissioner’s Office, which drafted the framework, states that ‘accountability is one of the key principles in data protection law...

September 07, 2022

11 New controls introduced in the ISO 27002 2022

Our August newsletter outlined the changes delivered in the new 2022 version of ISO 27002. In terms of the recommended controls the overall count in the 2022 revision has 21 less controls than before and 24 of the original controls have been merged.  However, 11 new controls have also been introduced, let’s take a brief look at those new controls.  

August 03, 2022

ISO 27002: All you need to know about the 2022 update

Nine years on from the last revision, there’s a new version of information security standard ISO 27002. What’s changed, and what does it mean for your company?

ISO 27002 is an internationally recognised security standard that sets out security controls to be used in implementing and maintaining an information security management system (ISMS). This is a system for safeguarding all of your company’s valuable information assets – from IT and digital material to 

July 12, 2022

Planning For Business Continuity Through Staff Turnovers

It’s common knowledge that a company’s most valuable asset is its people, yet information assets are a very close second. An organisation’s IP and data are mission critical, continually developed and improved by existing and new staff. So in the current environment of talent mobility, how does an organisation maintain its data integrity as well as its competitive advantage?  

June 15, 2022

Four ways to build a positive cyber security culture

A positive and effective cyber security strategy requires easy-to-understand policies, a company-wide culture of adopting best practice, and a programme of ongoing training.  Cyber security threats are an insidious problem, and countering them requires a collective approach, implemented at every level. Cyber security policies and training should be simple, relevant, consistent and workable; teams therefore need frequent reminders and refreshers to stay vigilant.

May 18, 2022

Building Easily Understood IT Policies for Stronger Cyber Security

IT policies are a vital part of the foundation of your business, they help you manage cybersecurity risk and in turn minimise business, financial and reputational damage. However, they can be quite tricky to write. Building a set of IT policies that encompass everything your business requires, while keeping things understandable, can be a big challenge.

May 04, 2022

Effective policy management engages users and improves IT security awareness

In the ever-changing world of IT security, threats are increasingly sophisticated and response time is critical. Robust IT policies are key to protecting information from disclosure, unauthorised access, loss, corruption and interference.  At Protocol Policy Systems (PPS), we offer a fast-track process and platform for you to fully scope and implement your cyber security policies, setting up a new policy framework in weeks rather than months.