Login News & Articles
Get up to speed on all the latest industry news, from ISO revisions to the latest research, and discover the newest products from Citation ISO Certification. You can also brush up on your business and ISO management skills using our detailed guides, crafted using insider knowledge from our experts.
What is the ISO 27001 Climate Change Amendment?
In February 2024, the International Organization for Standardization (ISO) introduced the Climate Action Changes amendment to the most widely used ISO Standards including 27001, 14001, 45001, and 9001.
What is GDPR Article 32 and its requirements?
Within the GDPR (General Data Protection Regulation) you’ll find Article 32, which is well-known to those in the realm of […]
ISO 27001 for the financial industry
As a financial business, your business relies on trust. Your customers trust banks, investment firms, and other financial institutions to […]
What is the role of a certification body?
The exact role of a certification body can sometimes be a bit difficult to unpick, but we’re here to demystify […]
Information Security vs Cyber Security: Recognising the difference
The difference between cyber security and information security might be small, but understanding the differences is a top priority if […]
ISO 27001 v 27002: What’s the difference?
Cyber security is important to all businesses but especially those scaling up. Businesses that don’t protect themselves as they grow can have a difficult time recovering from a cyber attack. Prioritising cyber security during business growth is essential to protect your business from threats that could hamper growth and the future of your business.
How physical security controls help businesses protect information
Physical security controls offer businesses protection against damaging attacks that threaten your information security. Keeping your data and information safe […]
How to write an ISO 27001 internal audit report
So, you’ve managed to attain certification to ISO 27001. You’ve strengthened your business’ information security, providing the platform for success. […]
How Information Security Risk Management protects against cyber threats
The constant evolution of cyber threats means businesses need to consider adopting information security risk management. As new technologies are […]
How to conduct an ISO 27001 gap analysis
Carrying out an ISO 27001 gap analysis might seem like a daunting task for your business. With multiple requirements, controls […]
How to improve cybersecurity across your business
Cyber security is important to all businesses but especially those scaling up. Businesses that don’t protect themselves as they grow can have a difficult time recovering from a cyber attack. Prioritising cyber security during business growth is essential to protect your business from threats that could hamper growth and the future of your business.
The importance of an effective information security policy
Information security policies form the foundation of an organisation’s security and are featured as part of ISO 27001’s controls. But what are they and what should they include?
How ISO 27001 can help your business achieve cyber resilience
Cyber resilience is a business’ ability to prepare for, respond to, and recover from cyber threats and attacks while continuing […]
A Guide to ISO 14001
Implementing the ISO 27001 Management System does not necessarily mean that you have fulfilled your responsibilities as a business handling personal data in accordance with the GDPR, but it does mean you're well on your way.
Getting your ISO 27001 risk assessment right – our top tips
Identifying and responding to risks that threaten to compromise your information security should be an integral part of your responsibility […]
A Guide to ISO 27001
Implementing the ISO 27001 Management System does not necessarily mean that you have fulfilled your responsibilities as a business handling personal data in accordance with the GDPR, but it does mean you're well on your way.
Does ISO 27001 cover GDPR?
Implementing the ISO 27001 Management System does not necessarily mean that you have fulfilled your responsibilities as a business handling personal data in accordance with the GDPR, but it does mean you're well on your way.
A Guide to ISO 9001 in the workplace
Implementing the ISO 27001 Management System does not necessarily mean that you have fulfilled your responsibilities as a business handling personal data in accordance with the GDPR, but it does mean you're well on your way.
The difference between ISO 27001 and cyber essentials
Colleges and other education establishments are now required to implement ISO 27001 as part of their 2019/2020 contracts
ISO 27001 for education
Colleges and other education establishments are now required to implement ISO 27001 as part of their 2019/2020 contracts
ISO 27001 processes, policies and procedures
Colleges and other education establishments are now required to implement ISO 27001 as part of their 2019/2020 contracts
How does ISO 27001 help protect your organisation?
ISO 27001 is the international Standard for information security but how does it work to protect your organisation and its information?
We can now offer certification to ISO 27001:2022
Great news – we can now certify to the new ISO 27001:2022 Standard. This has been brought bang up to date so you can make sure your business is always one step ahead of cyber criminals.
Managing sensitive online customer data? Here’s how to do it safely
By implementing some of the information security controls required by ISO 27001, you will be able to show due diligence to laws and regulations relating to data protection, like the GDPR and DPA.
Best Ways to Maintain Relationships with Your Employees Online
As a team leader, one of your main responsibilities is maintaining relationships with your employees and keeping the team spirit up. However, when you’re managing a remote team, this can be easier said than done.
The future of IT security for business: Why is it so important?
The rate at which businesses are experiencing cybersecurity breaches is alarming. The latest UK government survey found that in the last 12 months, 39% of UK businesses identified a cyber-attack. Within this, 31% of businesses estimate they were attacked at least once a week.
Open sesame: are your passwords as secure as they could be?
Cyber incidents are the biggest concern for companies globally in 2022, according to the Allianz Risk Barometer. No company is […]
An update on the upcoming changes to ISO 27001
Businesses are now relying on technology more than ever. That increased usage of technology presents an increased risk of cyber-security threats - from malware to phishing. To tackle this increased risk posed by the ongoing technological revolution businesses today are experiencing, experts have anticipated a new version of ISO 27001 to be released this year.
What do the ISO 27001 and ISO 27002 updates involve?
ISO 27001 and ISO 27002 are being updated this year, but what are the updates likely to involve and what should you do if you already hold an ISO 27001 certificate? Read on to find out.
QMS International is now ISO 27001 compliant!
With information increasingly under threat, QMS International has implemented a fully compliant ISO 27001 management system to help ensure the protection of business information.
Ransomware attacks double in 2021
Ransomware attacks in the first half of 2021 have doubled with the education, retail and manufacturing sectors proving to be the most appealing targets.
What cyber-attacks are businesses facing in 2021?
The past year has shown that cyber-attacks are on the increase – and they’re gaining in sophistication too. So, what kinds of attacks are on the rise, and what can businesses do to defend themselves?
The cost of cyber insecurity
Cyber crime is becoming ever more lucrative to criminals as more and more businesses implement more digital solutions. With the number of attacks growing, more businesses are suffering the financial cost.
Our SME cyber security report is live!
With cyber security becoming a hot topic due to the rise in remote working, we set out at the beginning of 2021 to find out how vulnerable SMEs are to cyber-attack, and what they are doing to protect themselves.
What are the 10 most common non-conformances identified at an annual ISO 27001 surveillance audit?
Typical non-conformance can help you to identify where you could make improvements to your own processes and procedures to ensure you're getting the very best out of your ISO. Here is our ISO 27001 top 10.
5 things businesses need to do to survive the next pandemic
There’s light at the end of the COVID-19 tunnel, but what can businesses do to make sure they’re on the front foot if another pandemic takes the world by storm?
Under attack: how ready are SMEs for a cyber-attack?
The rapid switch to remote working turned business cyber security on its head. But how prepared are SMEs for a cyber-attack, and how strong are their defences? To find out, we went and asked them.
Cyber security after COVID-19: what should businesses do next?
COVID-19 is still far from being banished to the back of our minds, but with the dust settling on many hastily put-together remote working solutions, what should businesses do next to shore up their information security?
New opportunities for Cintra with ISO 9001 and ISO 27001
After achieving certification in both ISO 9001 and ISO 27001, Cintra, a multi-award-winning enterprise architecture and cloud specialist, has grown in confidence, opening up new business pipelines and discussing new opportunities.
Are your cyber policies up to scratch for the ‘new normal’?
Whether working remotely, heading back to the office or switching between the two, the ‘new normal’ in the wake of the pandemic has put IT teams and cyber policies under strain. But what are the risks of our new working lives, and how can you keep your business secure?
How can ISOs make your business disaster-proof?
Fire, flood, theft, a global pandemic… disaster can strike at any time. But with the right preparation and tools at your disposal, you can help your business to come out on top. Here’s how ISOs can help.
British Airways fine: a warning to all
If data protection hasn’t crossed your mind much since the GDPR came into effect last year, then this month’s shocking announcement by the Information Commissioner’s Office (ICO) might give you pause.
10 Information Security Tips for Small Businesses
Read our tips on how small and micro businesses can protect themselves from information security threats
Cyber Threats and Attacks Remain High
A revealing report from the National Cyber Security Centre (NCSC) last month revealed that the number of cyber incidents encountered by UK businesses has not slowed, despite concerted efforts by bodies such as the NCSC to protect them from cyber threats.
Public events are being targeted by cyber criminals
Social and sporting events are coming under attack by cyber criminals. Due to the amount of people taking part, the attention garnered by such attacks can be immense. Find out how you can combat these threats.
Health and Safety Executive recognises cyber security risks
The Health and Safety Executive (HSE) has recognised the impact that cyber attacks could have in increasing Health and Safety risks.
Basic IT Security practices could have prevented NHS hack
Reports state that, by simply updating their software, the NHS could have avoided the crippling effects of the WannaCry ransomware outbreak in May 2017
Business that handle Personal Information have 15 months left to comply with new EU General Data Protection Regulation (GDPR)
Companies that collect, store or process data relating to any EU resident will be required to comply with the new EU regulation by May 2018. But what happens if they don't?
TalkTalk Fined £400,000 After Cyber Attack
TalkTalk has been fined a record £400,000 by the UK’s Information Commissioner’s Office (ICO) for a cyber attack that occurred last year. Find out how this relates to ISO 27001:
Is your company affected by the General Data Protection Regulation (GDPR)
Find out how the General Data Protection Regulation (GDPR) - a new Regulation created by the European Commission to strengthen and unify data protection for individuals within the European Union (EU) - will affect your business.
What to expect from ISO 27001 : 2013
ISO 27001 has recently undergone a revision & been re-published. The changes made should help ISO 27001 fit better alongside ISO 9001 and ISO 20000.