Missed the Live Event?
No problem - watch a recording of the webinar here
In this webinar we were joined by Ian Hendra from Clearline Services.
The next principle for an effective information security management system (ISMS) is to conduct risk assessments and then determine controls to reach an acceptable level of risk. The ISO 27001 standard is built around the philosophy of managing risk, and managing risks associated with information security involves a process.
This next principle of ISO 27001 is very interesting and requires some serious thought – it’s the fundamental principle of enhancing societal values.
Following this principle will contribute greatly to the successful implementation and maintenance of the information security management system (ISMS) in your organisation.
On 1 December 2017 the Health and Safety at Work (Hazardous Substances) Regulations will come into force in New Zealand.
The next principle of ISO 27001 is to incorporate management commitment and the interests of stakeholders into your information security management system (ISMS).
Let’s start with the first item – Management Commitment.
All Consultants, Certification Body Auditors and Information Security Managers say that the number one key to having an effective ISMS is to have genuine management commitment. And they’re absolutely right. Management commitment makes all the difference to the success or failure of an ISMS.
Guest blog by Katrina McKinnon, Alsco New Zealand
When discussing your workplace health and safety with staff, one thing that can make a difference is a well-stocked and easily accessible First Aid Kit.
Firstly, you need to be aware that there is a duty to provide first aid. These kits need to be available and supplied in accordance with local health and safety regulations.
For example, in New Zealand the Health and Safety at Work (General Risk and Workplace Management) Regulations 2016 are quite prescriptive about first aid. Persons conducting a business or undertaking (PCBU) must ensure that—
(a) adequate first aid equipment is provided for the workplace; and
(b) each worker at the workplace has access to the equipment; and
(c) workers have access to facilities for the administration of first aid.
The International Accreditation Forum (IAF) have announced that conformity assessment bodies (CABs) must conduct all initial surveillance and re-certification audits by the 15th March 2018 for organisations transitioning to the new versions of ISO 9001:2015 and 14001:2015.
As the transition period draws towards a close, those organisations that need to upgrade to the new versions of the international standards are encouraged to do so before March 2018.
It is clear that this resolution will put CABs under the pump to meet this deadline.
A key principle of any information security management system (ISMS) is the assigning of responsibility for tasks associated with information security.
Throughout any ISMS there will be tasks that need to be carried out to ensure that the systems are well managed, are effective and that there is appropriate protection against the loss of availability, confidentiality and integrity of the information.
This fundamental principle is all about implementing and maintaining an effective programme for awareness, training and education of your information security management system (ISMS).
In this programme you inform all of your employees and any other relevant parties (such as customers, contractors, and partners) of their information security obligations that are set out in your information security policies, standards and procedures. You then need to motivate them to act in line with those policies, standards and procedures.