The ISO Review Podcast
Jim
73 episodes
2 weeks ago
Welcome to the ISO Review Podcast! In this year-end episode, hosts Howard Fox and ISO Management System professional Jim Moran dive into the guiding principles of ISO 27008, focusing on clause 8—the heart of assessing controls for information security. This episode explores the importance of thorough preparations and tailored planning for control assessments, drawing on real-world experience and highlighting the necessity of clear communication, risk-based thinking, and evidence-based decisio...
Education
Technology, Business, Management
All content for The ISO Review Podcast is the property of Jim and is served directly from their servers with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.
Episodes (20/73)
ISO 27008: Preparing and Planning for IS Management System Assessments - Clause 8
Welcome to the ISO Review Podcast! In this year-end episode, hosts Howard Fox and ISO Management System professional Jim Moran dive into the guiding principles of ISO 27008, focusing on clause 8—the heart of assessing controls for information security. This episode explores the importance of thorough preparations and tailored planning for control assessments, drawing on real-world experience and highlighting the necessity of clear communication, risk-based thinking, and evidence-based decisio...
2 weeks ago
37 minutes

Assessing ISO 27001 Annex A Controls Using Practical Review Methods from Clause 7 in ISO 27008
Welcome to another episode of the ISO Review Podcast, brought to you by Simplify ISO! In this installment, hosts Jim Moran and Howard Fox dive deep into Clause 7 of ISO 27008, unpacking practical review methods for assessing the effectiveness of Annex A controls under ISO 27001. Whether you're an internal auditor looking to sharpen your skills or someone new to information security management, this episode offers invaluable insights into process analysis, documentation reviews, interviews, te...
1 month ago
40 minutes

Understanding ISO 27008: Effective Methods for Auditing Information Security Management Controls
Welcome back to another episode of the ISO Review Podcast, brought to you by Simplify ISO! This week, Howard Fox and Jim Moran kick off a brand new series diving deep into the world of ISO/IEC 27008—the essential guidelines for assessing information security controls. In today’s episode, we set the stage by exploring the structure and background of ISO 27008, including its key sections and practical annexes for technical and cloud service assessments. Jim emphasizes the need for compete...
1 month ago
32 minutes

How to Assess Information Security Controls Using ISO 27008: Process, Scope, and Criteria
Welcome back to another episode of the ISO Review Podcast, brought to you by Simplify ISO! This week, Jim Moran and Howard Fox dive deep into the essentials of assessing information security controls in line with ISO 27008. Building on last week’s introduction, Jim Moran shares his expertise, highlighting the critical steps in reviewing and auditing controls from Annex A of ISO 27001, gathering evidence, and ensuring objectivity through well-structured assessment methodologies. Wh...
2 months ago
34 minutes

Leveraging AI Tools for Effective ISO 9001 Risk Analysis and Audit Preparation
Welcome back to another insightful episode of the ISO Review Podcast, brought to you by Simplify ISO! This week, Jim and Howard dive deeper into the intersection of artificial intelligence and ISO risk management, building on their previous discussion. With Jim sharing wisdom from over three decades in ISO support, and Howard adding his expertise with AI tools, the conversation explores practical ways organizations can leverage AI to streamline ISO 9001 processes—especially when it comes to i...
2 months ago
34 minutes

Using Artificial Intelligence to Strengthen Risk Identification in Your ISO Management Systems
Welcome back to the ISO Review Podcast, your trusted resource for the latest in international standards and maximizing your management systems. In this episode, hosts Jim and Howard dive into one of the most requested topics in the ISO world: risk and opportunity management. Jim draws from his 33 years of experience to share practical strategies for strengthening risk identification, sharpening evaluation tools, and, most importantly, embedding risk awareness deep into your organization’s cul...
3 months ago
29 minutes

Sneak Peek at the ISO 9001 Draft Update: Changes, Clarifications, and Industry Impact
Click here to learn about our new DIY ISO 9001 program using AI. Welcome to the ISO Review Podcast. In this episode, Jim and Howard chat about the upcoming changes to ISO 9001, offering listeners an exclusive sneak peek at the new Draft International Standard set to shape quality management systems worldwide.
DISCUSSION
00:00 Global Reach of ISO 9001
05:55 ISO 9001 Update Preview
07:01 ISO Draft to International Standard Process
12:42 Quality Management Standards Differentiation
14:56 Distingu...
3 months ago
33 minutes

Enhancing Information Security Management Systems with AI
Click here to learn about our new DIY ISO 9001 program using AI. Welcome back to the ISO Review Podcast. In this episode, hosts Jim Moran and Howard Fox are joined by special guest Dejan Kosutic, CEO of Advisera. Dejan is a renowned cybersecurity expert for ISO 27001. He is passionate about making compliance accessible. Dejan and Jim discuss how to use Artificial Intelligence (AI) to enhance your Information Security Management System (ISMS).
DISCUSSION
AI and ISO 27001: Use cases for integr...
4 months ago
34 minutes

How Positive Intention Can Transform Workplace Culture and Management Systems
Click here to learn about our new DIY ISO 9001 program using AI. Welcome back to the ISO Review Podcast, your trusted source for the latest in international standards development and practical tips on getting the most out of your management systems. In this episode, hosts Jim Moran and Howard Fox are joined by special guest Michael Kent Hart, the founder and CEO of Human.ca, who brings over 40 years of expertise in quality management and organizational excellence. Mike's explanation of h...
5 months ago
36 minutes

Turn Root Cause Analysis on its Head...Use Intention and Positive Focus Instead
Click here to learn about our new DIY ISO 9001 program using AI. Welcome to the ISO Review Podcast. In this episode, Howard and Jim discuss an innovative approach to traditional root cause analysis inspired by the work of Michael Kent Hart. In this approach, there is a shift in focus from traditional root cause analysis and blame to a more positive, future-focused strategy centered on “intention in the workplace.” Mike's explanation of his work: https://human.ca/conscious-human-int...
5 months ago
27 minutes

Build Your ISO 9001 QMS: Practical, DIY Approach Enhanced by AI Technology - Part III
Click here to learn about our new DIY ISO 9001 program using AI. Welcome to the ISO Review Podcast. In this episode, Howard and Jim continue with a video series designed to help organizations simplify the process of ISO 9001 certification, using a do-it-yourself approach. Jim shares the journey behind creating the Simplify ISO platform—a user-friendly, cost-effective solution designed for small to mid-sized businesses looking to efficiently implement, maintain, and get certified without the h...
6 months ago
31 minutes

Build Your ISO 9001 QMS: Practical, DIY Approach Enhanced by AI Technology - Part II
Click here to learn about our new DIY ISO 9001 program using AI. Welcome to the ISO Review Podcast. In this episode, Howard and Jim continue with a video series designed to help organizations simplify the process of ISO 9001 certification, especially if you're considering a do-it-yourself approach. With more than three decades of ISO consulting experience, Jim shares the journey behind creating the Simplify ISO platform—a user-friendly, cost-effective solution designed for small to mid-sized ...
6 months ago
35 minutes

Build Your ISO 9001 QMS: Practical, DIY Approach Enhanced by AI Technology
Click here to learn about our new DIY ISO 9001 program using AI. Welcome to the ISO Review Podcast. In this episode, Howard and Jim kick off a special new video series designed to help organizations simplify the process of ISO 9001 certification, especially if you're considering a do-it-yourself approach. With more than three decades of ISO consulting experience, Jim shares the journey behind creating the Simplify ISO platform—a user-friendly, cost-effective solution designed for small to mid...
7 months ago
38 minutes

ISO/IEC 42001 AI management system standard, Annex C and Annex D
Howard and Jim discuss the ISO/IEC 42001 AI management system standard, Annex C (Potential AI-related organizational objectives and risk sources) and D (Use of the AI management system across domains or sectors).
POINTS DISCUSSED
Annex C: Explanation of Annex C; Objectives; Risk Sources
Annex D: Explanation of Annex D; Integration of AI management system with other management system standards
Looking Ahead: Preview of next episode, where Jim will walk the listener through a Do-It-Yourself (DIY) b...
7 months ago
33 minutes

ISO/IEC 42001 AI Management System Standard, Annex B.10 - Third-party and customer relationships
Howard and Jim chat about ISO 42001, the world's first artificial intelligence management system International standard. In this episode they discuss Annex B.10 - Third-party and customer relationships.
POINTS DISCUSSED
Explanation of what Clause B.10 - Third-party and customer relationships covers
Objective
Allocating responsibilities
Suppliers
Customers
Looking Ahead - Preview of next episode focusing on Annex C (Potential AI-related organizational objectives and risk sources), and Annex D (Use...
8 months ago
27 minutes

ISO/IEC 42001 AI Management System Standard, Annex B.9 - Use of AI systems
Howard and Jim chat about ISO 42001, the world's first artificial intelligence management system International standard. In this episode they discuss Annex B.9 - Use of AI systems.
POINTS DISCUSSED
Explanation of what Clause B.9 covers: “Use of AI systems”
Key Requirements and Concepts in Clause B.9
Real-World Applications & Analogies
Internal vs. External AI Models in Organizations
Human Oversight & Decision Support
Integrating AI with Risk Management (Clause 6 and Beyond)
Invitation to U...
8 months ago
26 minutes

ISO/IEC 42001 AI Management System Standard, Annex B.8 - Information for interested parties
Howard and Jim chat about ISO 42001, the world's first artificial intelligence management system International standard. In this episode they discuss Annex B.8 - Information for interested parties.
POINTS DISCUSSED
Objective of ISO 42001, Annex B.8 - Information for interested parties.
System documentation and information for users
External reporting
Communication of incidents
Information for interested parties
LEARN MORE
Click here to try Conformance1's free online ISO 27001 Gap Checklist.
UPCO...
9 months ago
27 minutes

ISO/IEC 42001 AI Management System Standard, Annex B.7 - Data for AI systems
Howard and Jim chat about ISO 42001, the world's first artificial intelligence management system International standard. In this episode they discuss Annex B.7 - Data for AI systems.
POINTS DISCUSSED
Objective of ISO 42001, Annex B.7 - Data for AI systems
Data for development and enhancement of AI system
Acquisition of data
Quality of data for AI systems
Data provenance
Data preparation
LEARN MORE
Click here to try Conformance1's free online ISO 27001 Gap Checklist.
UPCOMING EPISODES
Howard and ...
10 months ago
30 minutes

ISO/IEC 42001 AI Management System Standard, Annex B.6 - AI system life cycle
Howard and Jim chat about ISO 42001, the world's first artificial intelligence management system International standard. In this episode they discuss Annex B.6 - AI system life cycle.
POINTS DISCUSSED
Overview of ISO 42001, Annex B.6: Implementation Guidance for Artificial Intelligence Controls
Management guidance for AI system development
AI system life cycle
AI system requirements and specification
Documentation of AI system design and development
AI system verification and validation
AI system d...
10 months ago
28 minutes

ISO/IEC 42001 AI Management System Standard, Annex B (Implementation Guidance for Artificial Intelligence Controls), Clause B5
Howard and Jim chat about ISO 42001, the world's first artificial intelligence management system International standard. In this episode they discuss Annex B (Implementation Guidance for Artificial Intelligence Controls), Clause B.5.
POINTS DISCUSSED
Overview of ISO 42001, Annex B: Implementation Guidance for Artificial Intelligence Controls
Clause B5 and Impact Assessments
High-Level Management System Structure
Inputs, Process, Outputs
Risks and Legal Considerations
Impact Assessment Elements
Ret...
1 year ago
29 minutes
