Banks, insurance companies, investment funds, credit rating agencies, securities dealers and many other entities in the financial sector will be affected by the upcoming DORA regulation, or Digital Operational Resilience Act. The DORA Regulation was adopted by the European Parliament and the Council of the European Union on 14 December 2022, Regulation (EU) 2022/2554, and…
At the end of 2023, a brand new standard, ISO/IEC 42001:2023 Information Technology – Artificial Intelligence – Management System, was released that specifies requirements and provides recommendations for the creation, implementation, maintenance and continuous improvement of an artificial intelligence management system (AIMS). The standard is applicable to any organisation that provides or uses products or services…
ISO/IEC 27032:2023 Cybersecurity – Guidelines for Internet security was released in June, replacing ISO/IEC 27032:2012 Information technology – Security techniques – Guidelines for cybersecurity. The Internet is a global network that organisations use for all communications. As some actors target their attacks on these networks, addressing the relevant security risks is very important. This standard focuses…
The relationship between organisations and the world around them is becoming increasingly important as public pressure on organisations to behave responsibly and comply with corporate social responsibility standards has increased significantly. Organisations around the world should take the necessary measures. ISO 26000 provides a framework for organisations to identify and address the social and environmental impacts…
Organisations implement management systems and relevant controls in accordance with international ISO standards or specific legal or regulatory requirements. Gap analysis is used to identify the current state and to determine the activities needed to move to the desired end state. The benchmark is based on relevant statutory, regulatory or normative requirements and recommendations. The…