Blog tagged as GRC

The ISO/IEC 27005:2022 provides a useful guidance on «risk management of the information security» for every kind of organization: read more on our blog!

The ISO 42001:2023 standard Annex A provides a series of objective controls and operational controls that organizations can apply to address risks related to AI systems.

In questo ultimo post dedicato alla resilienza aziendale, scopriamo una serie di esempi pratici di attività ricorrenti e manutenzioni essenziali.

The ISO 22989 standard on «information technology — artificial intelligence — artificial intelligence concepts and terminology» provides concepts and terminology to improve the understanding of AI.

Scopriamo insieme come costruire la resilienza aziendale fuori e dentro l'area ICT: dalle pratiche chiave alle macroaree che sono considerate per l'implementazione.

Organizations that need to adopt an effective artificial intelligence governance approach can find useful guidelines in the ISO/IEC 38507:2022 (and its main related standards).

Scopriamo insieme qual è il significato di resilienza aziendale, perché è indispensabile per ogni organizzazione e come possiamo implementarla.

Let's check out how the implementation of technological solutions in the health industry brings the need of protection and security of data and which ISO standards can help to manage them.

The ISO 20700:2017 on guidelines for management consultancy services provides a useful framework for ICT consultancy services.

Let's check out our approach to the medical devices data protection compliance between EU and Switzerland according to EU Regulation 745/2017, GDPR, FADP and ISO 27001.

The Network & Information Security 2 EU Directive set a new high common level of cybersecurity across the Union: let's check out more details about it.

The Digital Operational Resilience ACT (EU Regulation 2022/2554) entered into force con January 2023: let's check out all its novelties.

The Central Bank of Bahrain defined in its rulebook the requirements to the ICT resources management in the financial sector: let's check them out!

The ISO 42001:2023 standard provides the requirements for implementing an artificial intelligence management system within organizations that provide AI-based products or services.

The ISO/IEC27035-2:2016 standard provides guidelines to plan and prepare for incident response and to learn lessons from incident response.

The ISO/IEC27035-1:2016 standard provides useful principles for handling information security incidents: let's check them out in our post.

Information technology and information security can be integrated according to the ISO27013: let's take a closer look at this standard.

The ISO/IEC 27557:2022 standard on information security, cybersecurity and privacy protection offers us a framework for assessing the organizational privacy risk.

Artificial Intelligence is getting day after day more important for a lot of human activities: AI can add a lot of value also on the adoption of a smart GRC model for our business.

Financial services industry in Italy and Switzerland can take advantage of an integrated management of ICT GRC: let's take a look at our approach.