The ISO Review Podcast

ISO/IEC TS 27008:2019 - Guidelines for the Assessment of Information Security Controls

December 05, 2023 Jim Moran & Howard Fox Episode 31

Howard and Jim chat about ISO/IEC TS 27008:2019 - Guidelines for the Assessment of Information Security Controls.

Points discussed include:

  1. How do the ISO 27008 and ISO 27001 standards work together to enhance information security within organizations?
  2. Why is it important for organizations to have good monitoring systems in place, and what are some key considerations for setting up effective monitoring?
  3. What are the controls outlined in ISO 27008, and how do they contribute to improving risk management and stakeholder approval?
  4. In what ways can artificial intelligence be utilized to identify risks and enhance the monitoring of information security controls within organizations?
  5. How does the ISO 27008 standard contribute to providing assurance to stakeholders such as customers, partners, and regulatory bodies regarding an organization's robust information security management process?
  6. How can organizations effectively integrate the assessment of controls outlined in ISO 27008 with other ISO standards, such as ISO 27001 and ISO 27002?
  7. What role do people and training play in maintaining the security of information within organizations?
  8. What are some best practices for conducting internal audits to assess the effectiveness of Annex A controls, risk management, and improvement opportunities within an organization's information security management system?

Complimentary ISO Resources

Click here to try Conformance1's free online ISO 27001 Gap Checklist.

Upcoming Episode

Howard and Jim Deep Dive into Information Security Controls, ISO/IEC TS 27008:2019.

Next Steps

If you enjoyed this episode, please follow us on your preferred podcast directory. We appreciate your likes & comments, and invite you to share this episode with anyone who might benefit from learning about this topic.

Click here to visit the SimplifyISO website to discover how our cloud-based management system will satisfy all the Standards requirements, client requirements, and any other requirements that you have to meet.

Click here to visit the International Management System Institute website so that you can learn about how and why you should consider becoming a Certified ISO Management System Professional.

Learn more about Jim on LinkedIn & YouTube

LinkedIn
LinkedIn Articles:
YouTube

Learn more about Howard

Click here to learn more about the Coaching and Podcast Services provided by Fox Coaching, Inc.

Keywords

ISO, ISO 27001, ISO 27008, Information Security Management Systems, Risk Management, Artificial Intelligence, AI, Podcast Interview

#ISO27001 #ISO27008 #InformationSecurityManagementSystems #RiskManagement #ArtificialIntelligence #AI #PodcastInterview
