The ISO Review Podcast

Guidelines For The Assessment of Information Security Controls - Clause 6.2 Resourcing and Competence

March 12, 2024 Jim Moran & Howard Fox Episode 35
Guidelines For The Assessment of Information Security Controls - Clause 6.2 Resourcing and Competence
The ISO Review Podcast
More Info
The ISO Review Podcast
Guidelines For The Assessment of Information Security Controls - Clause 6.2 Resourcing and Competence
Mar 12, 2024 Episode 35
Jim Moran & Howard Fox

Howard and Jim chat about ISO/IEC TS 27008:2019 - Guidelines for the assessment of Information Security Controls - Clause 6.2 Reourcing and Competence.

POINTS DISCUSSED

  1. What are the key takeaways from the discussion on clause 6.2, resourcing and competence?
  2. How does this standard help organizations to assess the effectiveness of their information security controls?
  3. What are the skills and competencies required for information security auditors to conduct effective control assessments?
  4. How do phishing attacks and social engineering tactics put organizations at risk, and what measures can be taken to mitigate these risks?
  5. What were the main points in the discussion about the importance of thorough assessment and the need for adequate time to conduct these assessments?
  6. How do ISO standards like 27001, 27002, 27005, 27007, and 27008 contribute to the overall management of information security in an organization?
  7. What are the potential risks and benefits of engaging subject matter experts in information security auditing?
  8. How can organizations work towards continuous improvement in their information security management system through regular audits and training?

LEARN MORE

Click here to try Conformance1's free online ISO 27001 Gap Checklist.

UPCOMING EPISODE

Howard and Jim  Deep Dive into ISO/IEC TS 27008:2019 - Review Methods, Overview and Process Analysis  - Clause 7.1-7.2.

NEXT STEPS

If you enjoyed this episode, please follow us on your preferred podcast directory. We appreciate your likes & comments, and invite you to share episode with anyone who might benefit from learning about this topic.   

Click here to visit the SimplifyISO website to discover how our cloud-based management system will satisfy all the Standards requirements, client requirements, and any other requirements that you have to meet.

Click here to visit the International Management System Institute website, and learn about how and why you should consider becoming a Certified ISO Management System Professional.

Learn more about Jim on LinkedIn & YouTube

LinkedIn
LinkedIn Articles
YouTube

Book Recommendations:

Turn the Ship Around!: A True Story of Turning Followers into Leaders by L. David Marquet

The Checklist Manifesto: How to Get Things Right by Atul Gawande

Learn more about Howard

Click here to learn more about the Coaching and Podcast Services provided by Fox Coaching, inc.

Keywords

Jim Moran, Simplify ISO, ISO, ISO 27008, Information Security Management Systems, Risk Management, ISO Review Podcast, Howard Fox

#ISO27001 #ISO27008 #InformationSecurityManagementSystems #RiskManagement #ISOReviewPodcast

Note:  As an Amazon Associate, we earn from qualifying purchases.

Show Notes

Howard and Jim chat about ISO/IEC TS 27008:2019 - Guidelines for the assessment of Information Security Controls - Clause 6.2 Reourcing and Competence.

POINTS DISCUSSED

  1. What are the key takeaways from the discussion on clause 6.2, resourcing and competence?
  2. How does this standard help organizations to assess the effectiveness of their information security controls?
  3. What are the skills and competencies required for information security auditors to conduct effective control assessments?
  4. How do phishing attacks and social engineering tactics put organizations at risk, and what measures can be taken to mitigate these risks?
  5. What were the main points in the discussion about the importance of thorough assessment and the need for adequate time to conduct these assessments?
  6. How do ISO standards like 27001, 27002, 27005, 27007, and 27008 contribute to the overall management of information security in an organization?
  7. What are the potential risks and benefits of engaging subject matter experts in information security auditing?
  8. How can organizations work towards continuous improvement in their information security management system through regular audits and training?

LEARN MORE

Click here to try Conformance1's free online ISO 27001 Gap Checklist.

UPCOMING EPISODE

Howard and Jim  Deep Dive into ISO/IEC TS 27008:2019 - Review Methods, Overview and Process Analysis  - Clause 7.1-7.2.

NEXT STEPS

If you enjoyed this episode, please follow us on your preferred podcast directory. We appreciate your likes & comments, and invite you to share episode with anyone who might benefit from learning about this topic.   

Click here to visit the SimplifyISO website to discover how our cloud-based management system will satisfy all the Standards requirements, client requirements, and any other requirements that you have to meet.

Click here to visit the International Management System Institute website, and learn about how and why you should consider becoming a Certified ISO Management System Professional.

Learn more about Jim on LinkedIn & YouTube

LinkedIn
LinkedIn Articles
YouTube

Book Recommendations:

Turn the Ship Around!: A True Story of Turning Followers into Leaders by L. David Marquet

The Checklist Manifesto: How to Get Things Right by Atul Gawande

Learn more about Howard

Click here to learn more about the Coaching and Podcast Services provided by Fox Coaching, inc.

Keywords

Jim Moran, Simplify ISO, ISO, ISO 27008, Information Security Management Systems, Risk Management, ISO Review Podcast, Howard Fox

#ISO27001 #ISO27008 #InformationSecurityManagementSystems #RiskManagement #ISOReviewPodcast

Note:  As an Amazon Associate, we earn from qualifying purchases.