Providing Good Governance for Information Security

How businesses can improve and strengthen their information security, cybersecurity and privacy protection through the latest update to ISO/IEC 27014. Good governance has always been at the heart of successful organisations. It is suggested that the term ‘governance’ derives from the ancient Greek word ‘kubernáo’ meaning ‘to steer’. This would seem appropriate as the primary…

How to Conduct a Successful Audit Risk Evaluation

Andrew Ward explains how he helped create a bespoke audit solution to support Balfour Beatty and Crossrail during construction of the new Woolwich station. Audit schedules are the basic requirement for checking what and when quality processes and outputs should be measured to gain the maximum benefits for the business. However, often understanding the ‘what’…

The Context of the Organisation

Bob Hughes, CQP FCQI, managing director of Temple Quality Management Systems, explains why understanding the organisation and its context offers the management team an opportunity to reflect on its successes. Many businesses are apprehensive about the new requirement in ISO 9001:2015 – clause 4.1 ‘Understanding the Organization and its Context’. However, management teams should think…