- Videos: 260
- Views: 243,673
Stuart Barker
United Kingdom
Joined 5 Aug 2011
Hello! I am Stuart Barker, the ISO 27001 Ninja and welcome to my channel.
I am a specialist in ISO 27001 with over 30 years in industry.
It is my mission to provide you everything you need for ISO 27001 and ISO 27001 certification. My channel is dedicated to showing you how to do it yourself and giving you the tips, tricks and secrets they do not want you to have.
I am an author, speaker, online teacher/video creator, and creator of the award winning and fastest selling - Ultimate ISO 27001 Toolkit: hightable.io/ISO-27001-toolkit/
To date I have helped over 5,000 companies to get ISO 27001 Certified. Will you be next?
If you want to work with my company go here:
hightable.io
ISO 27001 Annex A 6.3 | Information security awareness, education and training | How to implement
This *beginner-friendly* video is your *ultimate guide* for mastering ISO 27001 Annex A 6.3 Information security awareness, education and training
Learn how to:
- *Prevent fraud and errors* by creating a culture of information security
- *Easily implement* information security awareness, education and training with practical tips, tricks, and ISO 27001 templates!
- *Pass your next ISO 27001 audit* with confidence.
*Plus, discover:*
- *Real-world examples* of awareness techniques in action.
- *Solutions for small organisations* with limited resources.
- *Common mistakes to avoid* during implementation.
► *Click here for the Ultimate ISO 27001 Toolkit:* hightable.io/ISO-27001-toolkit/
► Read the ...
Views: 31
Videos
How to implement ISO 27001 Annex A 6.2 Terms and conditions of employment
Views: 23 · 2 hours ago
This *beginner-friendly* video is your *ultimate guide* for implementing ISO 27001 Annex A Control 6.2 Terms and conditions of employment Learn how to: - *Prevent fraud and errors* by having the correct contracts in place with employees - *Easily implement* terms and conditions of employment with practical tips, tricks, and ISO 27001 templates! - *Pass your next ISO 27001 audit* with confidence...
How to implement ISO 27001 Annex A 6.1 Screening and pass the audit
Views: 25 · 4 hours ago
This *beginner-friendly* video is your *ultimate guide* for implementing ISO 27001 Annex A 6.1 Screening Learn how to: - *Prevent fraud and errors* by screening employees and doing background checks - *Easily implement* screening with practical tips, tricks, and ISO 27001 templates! - *Pass your next ISO 27001 audit* with confidence. *Plus, discover:* - *What* screening you need to do - *Soluti...
How to implement ISO 27001 Annex A 5.37 Documented operating procedures
Views: 42 · 9 hours ago
This *beginner-friendly* video is your *ultimate guide* for mastering ISO 27001 Annex A Control 5.37: Documented operating procedures Learn how to: - *Prevent fraud and errors* by documenting operating procedures and processes - *Easily implement* documented procedures with practical tips, tricks, and ISO 27001 templates! - *Pass your next ISO 27001 audit* with confidence. *Plus, discover:* - *...
ISO 27001 Annex A 5.36 | Compliance with policies and standards for information security
Views: 8 · 9 hours ago
This *beginner-friendly* video is your *ultimate guide* for mastering ISO 27001 Annex A Control 5.36 Compliance with policies and standards for information security Learn how to: - *Prevent fraud and errors* by having simple policies and standards - *Easily implement* ISO 27001 compliance with practical tips, tricks, and ISO 27001 templates! - *Pass your next ISO 27001 audit* with confidence. *...
How to implement ISO 27001 Annex A 5.35 Independent review of information security
Views: 26 · 9 hours ago
This *beginner-friendly* video is your *ultimate guide* for implementing ISO 27001 Annex A Control 5.35: Independent review of information security Learn how to: - *Prevent fraud and errors* by doing independent reviews of information security - *Easily implement* independent reviews with practical tips, tricks, and ISO 27001 templates! - *Pass your next ISO 27001 audit* with confidence. *Plus,...
How to implement ISO 27001 Annex A 5.34 Privacy and protection of PII
Views: 23 · 9 hours ago
This *beginner-friendly* video is your *one-stop shop* for implementing ISO 27001 Annex A Control 5.34: Privacy and protection of PII Learn how to: - *Prevent fraud and errors* by protecting PII - *Easily implement* privacy and the protection of PII with practical tips, tricks, and ISO 27001 templates! - *Pass your next ISO 27001 audit* with confidence. *Plus, discover:* - *Real-world examples*...
How to implement ISO 27001 Annex A 5.33 Protection of records
Views: 14 · 9 hours ago
This *beginner-friendly* video is your *one-stop shop* for implementing ISO 27001 Annex A Control 5.33 Protection of records Learn how to: - *Prevent fraud and errors* by identifying and protecting records - *Easily implement* the protection of records with practical tips, tricks, and ISO 27001 templates! - *Pass your next ISO 27001 audit* with confidence. *Plus, discover:* - *Real-world exampl...
How to implement ISO 27001 Annex A 5.32 Intellectual property rights
Views: 22 · 9 hours ago
This *beginner-friendly* video is your *one-stop shop* for mastering ISO 27001 Annex A Control 5.32 Intellectual property rights Learn how to: - *Prevent fraud and errors* by having the right intellectual property protections in place - *Easily implement* intellectual property protection with practical tips, tricks, and ISO 27001 templates! - *Pass your next ISO 27001 audit* with confidence. *P...
How to implement ISO 27001 Annex A 5.31 Legal, statutory, regulatory and contractual requirements
Views: 10 · 9 hours ago
This *beginner-friendly* video is your *one-stop shop* for implementing ISO 27001 Annex A 5.31 Legal, statutory, regulatory and contractual requirements Learn how to: - *Easily implement* a legal register with practical tips, tricks, and ISO 27001 templates! - *Comply with the law* by implementing an easy, effective legal register and process - *Pass your next ISO 27001 audit* with confidence. ...
How to implement ISO 27001 Annex A 5.30 ICT readiness for business continuity
Views: 22 · 9 hours ago
This *beginner-friendly* video is your *one-stop shop* for implementing ISO 27001 Annex A 5.30 ICT readiness for business continuity Learn how to: - *Easily implement* business continuity and disaster recovery for ICT suppliers with practical tips, tricks, and ISO 27001 templates! - *Prevent loss of downtime* by implementing easy, effective BCP and DR for ICT providers - *Pass your next ISO 270...
How to implement ISO 27001 Annex A 5.29 Information Security During Disruption
Views: 11 · 9 hours ago
This *beginner-friendly* video is your *one-stop shop* for implementing ISO 27001 Annex A 5.29 Information Security During Disruption Learn how to: - *Easily implement* business continuity and disaster recovery with practical tips, tricks, and ISO 27001 templates! - *Prevent loss of downtime* by implementing easy, effective BCP and DR - *Pass your next ISO 27001 audit* with confidence. *Plus, d...
How to implement ISO 27001 Annex A 5.28 Collection Of Evidence
Views: 15 · 9 hours ago
This *beginner-friendly* video is your *one-stop shop* for implementing ISO 27001 Annex A 5.28 Collection Of Evidence Learn how to: - *Easily implement* the collection of evidence with practical tips, tricks, and ISO 27001 templates! - *Prevent fraud and errors* by ensuring evidence collection meets the needs of the law - *Pass your next ISO 27001 audit* with confidence. *Plus, discover:* - *Re...
How to implement ISO 27001 Annex A 5.27 Learning from information security incidents
Views: 14 · 9 hours ago
This *beginner-friendly* video is your *one-stop shop* for implementing ISO 27001 Annex A 5.27 Learning from information security incidents Learn how to: - *Easily implement* root cause analysis for security events and incidents with practical tips, tricks, and ISO 27001 templates! - *Prevent fraud and errors* by identifying, assessing and responding to the root cause of events and incidents - ...
How to implement ISO 27001 Annex A 5.26 Response to information security incidents
Views: 12 · 9 hours ago
This *beginner-friendly* video is your *one-stop shop* for implementing ISO 27001 Annex A 5.26 Response to information security incidents Learn how to: - *Easily implement* response to information security events and incidents with practical tips, tricks, and ISO 27001 templates! - *Prevent fraud and errors* by responding to events and incidents - *Pass your next ISO 27001 audit* with confidenc...
ISO 27001 Annex A 5.25 | Assessment and decision on information security events | Implementation
Views: 9 · 9 hours ago
ISO 27001 Annex A 5.24 | Information security incident management planning and preparation
Views: 13 · 9 hours ago
ISO 27001 Annex A 5.23 | Information Security For Use Of Cloud Services | Implementation Guide
Views: 26 · 9 hours ago
ISO 27001 Annex A 5.22 | Monitoring, review and change management of supplier services | How To
Views: 4 · 9 hours ago
ISO 27001 Annex A 5.21 | Managing Information Security In The ICT Supply Chain | Implementation
Views: 19 · 9 hours ago
ISO 27001 Annex A 5.20 | Addressing Information Security Within Supplier Agreements | Implementation
Views: 24 · 9 hours ago
ISO 27001 Annex A 5.19 | Information Security In Supplier Relationships | Implementation Guide
Views: 28 · 9 hours ago
ISO 27001 Annex A 5.18 | Access Rights | Implementation Guide | Beginner Friendly
Views: 18 · 9 hours ago
ISO 27001:2022 Attributes | Everything You Need to Know | Beginner Friendly
Views: 79 · 12 hours ago
ISO 27001 Annex A 5.17 | Authentication Information Implementation Guide
Views: 124 · 1 day ago
How to implement ISO 27001 Annex A 5.16 Identity Management
Views: 233 · 1 month ago
How to implement ISO 27001 Annex A 5.15 Access Control
Views: 209 · 1 month ago
How to implement ISO 27001 Annex A 5.14 Information Transfer
Views: 216 · 1 month ago
How to implement ISO 27001 Annex A 5.13 Labelling Of Information (inc metadata)
Views: 258 · 2 months ago
ISO 27001 Toolkit - The Ultimate Toolkit for ISO 27001 Certification
Views: 637 · 3 months ago
Hi Stuart, this document example focuses on Cloud Supplier, just wondering would we not need to talk about the actual Cloud security we have in place, firewalls, anti-virus and so on?
Yes Ryan. This is part of the overall puzzle. This policy meets the requirements for having a cloud services policy and the requirements for cloud providers but remember that the standard is made up of many policies and Annex A controls that address specifics such as access control, network security, physical security, anti malware and much much more. The points you raise are addressed, but not here. Which out of context may seem strange but we are creating building blocks to create a house. Whatever house you need and want. You can join the Q and A or drop me a 1 to 1 and I can cover for you in more detail than the comments allow. 🙏
One of many additional videos that support this area that will add some context to this 'how to' video - ruclips.net/video/pD9xeH-NlM8/видео.html
👍
This is an excellent foundation. Thank you! I'm learning a ton. Context is everything!
I never thought I'd get fuckin iso27001 shorts....
Your / You're welcome ☺️
@@StuartBarker Hahaha, so fair man, so fair.
Great breakdown on implementing ISO 27001 Annex A 5.7 for threat intelligence! What are some common pitfalls to avoid during the audit?
Thank you - I cover what you need in the blog that goes with the video - it is here for reference - hightable.io/iso-27001-annex-a-5-7-threat-intelligence/ 🙏
Thank you!
Thank you very much!
I love your work!
Thank you! 🙏
Thanks for explaining concept so easily
Thank you 👍
Hi Stuart. Thank you for this very informative series. You stated that if an organization does not do DevOps then no need to deploy a DevOps policy. Would it be advisable to implement a policy that states the organization will not be engaged in DevOps practices or is it better to not create a DevOps policy altogether? Thanks.
Read this blog - hightable.io/iso-27001-when-you-have-no-office/ - but substitute dev ops for physical security. It is the same approach for you. Let me know if that does not answer or you have questions but I think it will give you what you need 🙏
@@StuartBarker This helps. Thank you again for your help.
@@StuartBarker That was helpful. Thank you.
Where can I find the template of this document?
You can find it here: hightable.io/product/iso-27001-annex-a-5-2-information-security-roles-and-responsibilities-template/. 🙏🙏🙏🙏
Excellent, elaborate explanation videos. Keep up the great work, Mr. Stuart Barker.
This toolkit is awesome! So much included for a senior admin like me who is implementing an ISO 27001 aligned ISMS. Highly recommended as it's a fraction of the price you are going to look at paying for other services of this value.
Fantastic - thanks Stuart!
Great video!
Great video. Thank you!
great explanation
I was hoping to see a video around the controls & implementing the Annex A?... The ISMS videos were very helpful. Thank you so much.
The annex A videos are also on my channel. They are also located in their own playlist. Take a look. 🙏
Hi, Has this become a requirement recently, according to the 2022 version?
It is guidance included in the Labelling control. None of the Annex A controls are a requirement. They are a requirement if they mitigate a risk you have. The ISO 27002 standard lists out guidance for you to consider when implementing a control. There are many ways to implement a control and still meet the control objective. ISO 27001 is a risk based system and you are implementing based on risk and business need.
@@StuartBarker thank you
I started learning ISO 27001. Would you please suggest any methods to learn and remember all the clauses and annex?
On the High Table website is an ISO 27001 reference guide and Annex A reference guide that is a great start. You should also purchase copies of the actual standard. Then maybe watch the videos here. The only real way to learn to any degree that is useful is to do it. Over and over again :) 🙏
Hi Stuart, hope you are doing well. We are a group of BIT students (3 students) from Switzerland who are aiming for ISO 27001 certification as part of a student project for a start-up company with around 20 employees in the software sector. I myself have recently started working for the company and the other two work for another company. We all work part-time with a workload of 60-80%. My question to you would be, is it possible for us to achieve certification within 5-6 months? According to the guidelines we have 300 hours per student, so 900 hours available. Since I work there myself and also get time outside of the student project, you can expect something like 1000 hours. None of us has ever implemented ISO 27001. I would very much appreciate your feedback. Thank you and kind regards!
Are you factoring into this learning of the standard and consuming all of the training? Your time line is achievable. There are factors I do not know specific to you but on average 3 months is realistic on the parameters you share. So 5 to 6 months is very achievable.
@@StuartBarker Thank you for the information. Exactly, we go through all your training courses. We were also thinking about buying one of your toolkits. (Business Edition). On the other hand, we would also like to do it ‘manually’ and on our own as much as possible for the learning effect. What would you recommend? The main problem is that we don't quite know how to start yet (the whole process). Honestly, many videos say something different about how it should be approached. That's why a structured guide would be beneficial. KR
I cannot vouch for other sites but I can vouch that my system works as you see on the reviews, the comments here etc. Building from scratch will take months if not years. It is doable. There is little value to you in doing it but you can. I have videos on here on how to do that also. I recommend the toolkit, as do others, clearly, and concentrate on the learnings not the typing. You also know it meets the standard. Good luck on whichever route you go. 🙏
@@StuartBarker Many thanks!
How to get certified as ISO/IEC 27001?
Please watch this video for how, options and associated costs of each option: ruclips.net/video/fe1tc9B3it4/видео.html
That makes sense. What's the solution? Do all classification applications tag data with metadata?
That will be vendor dependent so I can say on behalf of all vendors, sorry.
Stuart - a great explanation of Metadata and Labelling, I have had several auditors that specifically address labelling and Metadata and your explanation makes it easy to address.
Extremely helpful, clear and entertaining - as always, thanks :)
🙏
Super helpful! Do you have a threat intelligence log/spreadsheet template you can share?
@babyology101 - yes, hightable.io/product/iso27001-threat-intelligence-process-template/ This should help.
I'm thinking of getting a certification, it costs on avg. 1000 USD, I'm hesitant cause the program is only 5 days, which is by no means near enough. And considering that the course material is available for free, would you recommend just going with the free stuff with no cert ?
I think you have potentially confused concepts of certification and training - for certification costs watch this - ruclips.net/video/fe1tc9B3it4/видео.htmlsi=QN1wTEztjAaXyYu7 if you mean training then you have many options and the cost you quote feels low. You can reach out to me in an ISO 27001 clinic or call - just go to contact on my website - if you need more pointers.
@@StuartBarker I don't know, a friend at work recommended it to me, it's called ISO 27001 Lead Implementer Certificate. 5 training days, followed by a test to earn a cert, I've watched your video, the annual audit fees aren't included, the test fees, I'm unsure-- will need to inquire further, saw the price ranges you listed in the vid description, 1000 usd is indeed cheap in comparison 😅 I'll need to look up more as I honestly don't have enough information to know what to ask you, thank you for opening my eyes. One question though, if I watch your playlist, would I have the basics to implement 27001 in a project or I'd need to take training with a certification body ? As you said, many offer the sky but fail to deliver, there're many offering free courses and I don't know if it's the same material like CompTIA courses or there're branches that I need to be aware of.
Ah - you are talking about training. All of my videos give you everything you need and more for free. These include real world implementation examples. I give all the knowledge away for free. You would know more than you would learn by watching. In time, when you need it, do the book training and get the paper certificate if cost is an issue right now. The channel is set up in playlist - work through them. Good luck !
@@StuartBarker thank you, lucky I came across your channel, also love your advice ''learn in time when you need it'', will do thank you.
awesome explanation
Thank you. Kind of you to say. I appreciate the feedback.
Do you still produce these videos? Do you have videos about NIS2?
I do but I am about 14 videos into 93 for Annex A :) I gotta finish 27001 first 🙏
Very great explanation
I love your explanation. It's a great episode. I am going to watch and study your videos. Honestly, you are my new rock star. My number one trainer/Coach in my InfoSec Hall of Fame.
Awesome, Stuart. Your Experience is talking here 👍
Thank you. I appreciate the feedback 🙏
This was very good. I'm locked in now.
Awesome vid !!
Thank you :) I appreciate the positive feedback 🙏
Great video!
Hi Stuart, Awesome video..how to actually work with these controls? Can you share the template? Thanks very much.
Hi and thanks for the comment and support. All of the ISO 27001 templates are here: hightable.io/iso-27001-store/ - thank you @halvadandu
Very informative video. Thank you for sharing. I now understand the meaning and difference. I will be sharing this with my team. Cheers
Fantastic - hope they subscribe for Free ISO 27001 Learnings :) your feedback is appreciated and you are a super star 🌟
A good One video. Watching is worthy
Very much appreciate your positive feedback. Thank you. 🙏🏽
I'm more of an ISO 17025 kinda guy
Potato / Potatoe 😊. This is great and thanks for watching. As management systems they are all much of a muchness now and becoming aligned. Tweaks to create an integrated management system but not hard. I really appreciate you taking time out. Thank you.
While this channel might currently lack a large following, I believe that in the future, viewers will revisit its content due to the imperative of safeguarding their information assets amidst the rise of AI threats.
Yes, yes it does lack a large following :) more followers need free learnings on ISO 27001 :) - thank you for comment and feedback. I appreciate it a lot. 🙏🏽
Despite many large and well-known companies obtaining ISO 27001 certification, there remains a significant number unaware of and not applying its standards to protect their information assets. This channel greatly assists me and future aspiring auditors in acquiring knowledge as comprehensive as yours.
I really appreciate that feedback. Thank you. And thank you for your support. 🙏🏽
Thank you very much, this was indeed helpful
Thank you for the feedback. I really appreciate it and glad that it added value. 🙏🏽
This was absolutely helpful, thank you.
It is amazing to hear that it has helped. Be sure to check out the other videos and tutorials. Thank you. 🙏🏽
Hi Stuart, have you done a similar video (easy to understand) purely for what has changed from the 2013 standard to the 2022 standard?
I have done a simple blog on it here: hightable.io/iso-27001-2022-everything-you-need-to-know/ Amendment one changes short: ruclips.net/user/shortspUMxa2L6JzM Amendment one implementation short: ruclips.net/user/shortsL8hC4ZrrPKc Thanks for watching @gavinneville7410
I've been looking for this for months now. Thank you for the great sharing.
You are very welcome :) Check out the other tutorial videos in the series 🙏
👓
👀🤣🙏
Glasses much?
All about the glasses and the learnings. :) 🙏🏽