
EPISODE · Aug 26, 2021 · 21 MIN

What People Get Wrong About ISO 27001 Compliance

from The Virtual CISO Podcast · host John Verry

Just because ISO 27001 suggests a control doesn’t mean you have to have it – in fact, you could be hurting yourself if you do, by wasting money and having more trouble in an audit than you would otherwise. Your controls depend on your risk — not ISO suggestions. That’s just one of the many misunderstandings people have about the ISO 27001 standard.

In this solo episode, host John Verry, CISO & Managing Partner at Pivot Point Security, goes in depth on the most common misperceptions around ISO 27001 compliance. Some notable examples:

- Why your controls need to be in accordance with your risk
- Why you don’t need to go crazy documenting absolutely everything
- Why you shouldn’t overcommit on controls

To hear this episode, and many more like it, you can subscribe to The Virtual CISO Podcast here. If you don’t use Apple Podcasts, you can find all our episodes here. Listening on a desktop & can’t see the links? Just search for The Virtual CISO Podcast in your favorite podcast player.



Frequently Asked Questions

How long is this episode of The Virtual CISO Podcast?

This episode is 21 minutes long.

When was this The Virtual CISO Podcast episode published?

This episode was published on August 26, 2021.

What is this episode about?

Just because ISO 27001 suggests a control, doesn’t mean you have to have it – in fact, you could be hurting yourself if you do by wasting money and have more trouble in an audit than you would otherwise. Your controls depend on your risk — not ISO...

Is there a transcript available for this episode?

Yes, a full transcript is available for this episode. You can read the complete transcript on the episode page.

Can I download this The Virtual CISO Podcast episode?

Yes, you can download this episode by clicking the download button on the episode player, or subscribe to the podcast in your preferred podcast app for automatic downloads.