Welcome to the ISO Review Podcast! In this year-end episode, hosts Howard Fox and ISO Management System professional Jim Moran dive into the guiding principles of ISO 27008, focusing on clause 8—the heart of assessing controls for information security. This episode explores the importance of thorough preparations and tailored planning for control assessments, drawing on real-world experience and highlighting the necessity of clear communication, risk-based thinking, and evidence-based decisio...
Understanding ISO 27008: Effective Methods for Auditing Information Security Management Controls
The ISO Review Podcast
32 minutes
1 month ago
Welcome back to another episode of the ISO Review Podcast, brought to you by Simplify ISO! This week, Howard Fox and Jim Moran kick off a brand new series diving deep into the world of ISO/IEC 27008—the essential guidelines for assessing information security controls. In today’s episode, we set the stage by exploring the structure and background of ISO 27008, including its key sections and practical annexes for technical and cloud service assessments. Jim emphasizes the need for compete...