Blog tagged as ISO31000

The ICT consultancy service management according to the ISO 20700 standard
The ISO 20700:2017 on guidelines for management consultancy services provides a useful framework for ICT consultancy services.
itSMF Staff
02 Oct 2024 07:00 AM - Comment(s)
The EU Network & Information Security 2 (NIS 2) Directive: a GRC approach with the main related ISO standards
The Network & Information Security 2 EU Directive set a new high common level of cybersecurity across the Union: let's check out more details about it.
itSMF Staff
22 May 2024 06:08 PM - Comment(s)
The EU Regulation on Digital Operational Resilience Act (DORA): GRC approach and main related standards
The Digital Operational Resilience Act (EU Regulation 2022/2554) entered into force in January 2023: let's check out all its novelties.
itSMF Staff
24 Apr 2024 07:00 AM - Comment(s)
FINMA requirements for ICT resources in Swiss finance industry: GRC approach and main related standards
The FINMA set several ICT resources requirements for the Swiss finance industry: we can manage them with a GRC approach according to the related ISO standards.
itSMF Staff
20 Sep 2023 07:00 AM - Comment(s)
Privacy & Risk Management according to ISO/IEC 27557:2022
The ISO/IEC 27557:2022 standard on information security, cybersecurity and privacy protection offers us a framework for assessing the organizational privacy risk.
Davide Micheli
08 Feb 2023 07:00 AM - Comment(s)
GRC and Data Protection: the GRC approach in EU and Swiss contexts
Data protection between EU and Switzerland and the GRC Data Protection approach on GDPR and LPD-DSG-LPD (FDA): let's take a closer look at these laws together.
itSMF Staff
04 Aug 2021 05:00 AM - Comment(s)
GRC and data protection in Switzerland: structure and main requirements of the LPD
Data protection in Switzerland is regulated by the Swiss Federal Data Protection Act (DPA): the new law will enter into force in September 2023.
itSMF Staff
22 Jul 2021 05:00 AM - Comment(s)