ITIL 4 — IT Service Management
What is ITIL? ITIL (Information Technology Infrastructure Library) is the world’s most widely adopted IT service management (ITSM) framework. Originally developed by the UK government in the 1980s, ITIL provides a practical, flexible framework for aligning IT services with the needs of the business. It has been adopted by organisations in over 180 countries and […]
ISO 42001
What is ISO 42001? ISO/IEC 42001:2023 is the world’s first international standard for Artificial Intelligence Management Systems (AIMS). Published in December 2023, it provides a framework for organisations to responsibly develop, deploy and use AI systems. Similar in structure to ISO 27001 (information security) and ISO 9001 (quality management), ISO 42001 enables organisations to demonstrate […]
ISO 27002:2022
What is ISO 27002? ISO/IEC 27002:2022 is the companion standard to ISO 27001 — while ISO 27001 defines the requirements for an Information Security Management System (ISMS), ISO 27002 provides detailed guidance on the implementation of the Annex A controls. Think of ISO 27001 as the what and ISO 27002 as the how. ISO 27002 […]
CIS Controls v8
What is the Center for Internet Security? The Center for Internet Security (CIS) is a non-profit organisation founded in 2000 that develops best practices for securing IT systems and data. CIS is best known for two products — the CIS Controls (a prioritised set of cybersecurity actions) and the CIS Benchmarks (detailed configuration guidelines for […]
CCPA — California Consumer Privacy Act
What is CCPA? The California Consumer Privacy Act (CCPA) is a state-level privacy law that gives California residents significant rights over their personal information collected by businesses. Signed into law in June 2018 and effective from January 2020, CCPA was the first comprehensive consumer privacy law in the United States and fundamentally changed how businesses […]
COBIT 2019
What is COBIT? COBIT (Control Objectives for Information and Related Technologies) is a framework developed by ISACA for IT governance and management. First published in 1996, COBIT provides organisations with a comprehensive set of tools, models and best practices to bridge the gap between business requirements, technical issues and control risks. It is the leading […]
GDPR — General Data Protection Regulation
What is the GDPR? The General Data Protection Regulation (GDPR) is a comprehensive data protection law enacted by the European Union that came into effect on 25 May 2018. It replaced the 1995 EU Data Protection Directive and fundamentally changed how organisations collect, store, process and use the personal data of individuals in the European […]
ISO 27001:2022
What is ISO? The International Organization for Standardization (ISO) is an independent, non-governmental international body founded in 1947. With members from 167 countries, ISO develops and publishes international standards covering almost every industry — from technology and manufacturing to food safety and healthcare. In information security, ISO is the most globally recognised standards body outside […]
NIST Cybersecurity Framework 2.0
What is NIST? The National Institute of Standards and Technology (NIST) is a non-regulatory federal agency within the US Department of Commerce. Founded in 1901, NIST develops standards, guidelines and best practices that help organisations manage risk, improve security and drive innovation. In cybersecurity, NIST is the most trusted standards body in the United States […]