The ISO Review Podcast

How to Assess Information Security Controls Using ISO 27008: Process, Scope, and Criteria

Jim Moran, Howard Fox Episode 70

Welcome back to another episode of the ISO Review Podcast, brought to you by Simplify ISO! This week, Jim Moran and Howard Fox dive deep into the essentials of assessing information security controls in line with ISO 27008. 

Building on last week’s introduction, Jim Moran shares his expertise, highlighting the critical steps in reviewing and auditing controls from Annex A of ISO 27001, gathering evidence, and ensuring objectivity through well-structured assessment methodologies. 

Whether you’re running a large organization or a small business, you’ll find practical tips for planning effective audits, resourcing your team, and leveraging checklists and flowcharts to enhance information security. Tune in for a comprehensive overview, actionable advice, and real-world examples designed to help you get the most out of your management systems and stay ahead in the ever-challenging world of information security.

DISCUSSION

00:00 Information Security Control Assessments

05:00 Assessment Tips and Tools

07:17 Checklist Methodology and Evidence Gathering

12:38 Cybersecurity Auditing & Penetration Testing

15:19 Privacy Compliance in Home Care

18:33 ISO 27002 Training Importance

23:24 Auditor Roles and System Strengthening

24:58 Audit Purpose: Beyond Procedure Compliance

29:33 Linking Risk to Audit Results

33:09 ISO Podcast Episode Wrap-Up

NEXT STEPS

We appreciate your likes, comments, and shares. Click here to visit the SimplifyISO website. Click here to visit the International Management System Institute website and learn how to become a Certified ISO Management System Professional.

Conformance1's free online Gap Checklists:
ISO 9001 - https://conformance1.com/iso9001-gap-assessment-register/
ISO 27001 - https://conformance1.com/iso-27001-gap-checklist-dashboard/

Learn more about Jim on LinkedIn & YouTube.

LinkedIn
LinkedIn Articles
YouTube

Click here to learn more about the Coaching and Podcast Services provided by Fox Coaching, Inc.

KEYWORDS

ISO 27008, Information Security Controls, Information Security Management System, ISO Review Podcast, SimplifyISO, Podcast

#ISO27008 #InformationSecurityControls #InformationSecurityManagementSystem #ISOReviewPodcast #SimplifyISO #Podcast
