Compliance

What does a GRC analyst do?

GRC analysts have the responsibility of speaking about security from a business point. Their work is designed to help the organization, bolster its defenses, be in a place to quickly react and handle bad situations, and limit the number of negative consequences and impacts. The GRC analyst fully operates within identify and protect section of …

What does a GRC analyst do? Read More »

ISO 27001 Annex Explained

The Annex A of the ISO 27001 is also known as the Statement of Applicability (SOA). Because each organization differs, each organization must write its SOA. The Annex A of the ISO 27001 starts from A5-A18. These contain the information security operations controls which are important for managing and improving information security. Annex A5 Information …

ISO 27001 Annex Explained Read More »