Overcoming resistance to change in the organization

Currently, the market is in a constant process of competitiveness, which drives organizations to invest in technological innovation to keep up to date. Today it is possible to find organizations still resisting to change, especially those who were not born in a technological environment. People usually resist what they do not understand, so it is


The impact of the Product Owner role

Commonly, from the moment the idea is generated to the product or service launch, work is done through different organization areas, from market research, conceptualization, requirement specification to the development team, also considering different visions of the objective. In environments where SCRUM is used to create a winning product, stakeholders must have a shared vision


What are the risks of an organization with no IT Governance policies?

Corporate Governance of Information Technology (ISO38500) is the system directing and controlling the current and future use of IT in an organization. All organizations are subject to regulatory, legislative, contractual, and other obligations. Inadequate implementation of IT Corporate Governance policies or lack thereof may expose managers to violations relating to: Security Standards Privacy, spam, business


How to counteract vulnerabilities in an organization?

There are many ways to exploit an organization’s vulnerabilities. Nowadays, not only physical security of information is necessary, it is also necessary to take logical security measures since an organization can be attacked remotely. As recommended by ISO 27032 Cybersecurity Guideline, an organization should identify its main vulnerabilities. Vulnerability is understood as the weakness of


What are the main anti-bribery controls proposed by ISO 37001?

Bribery is one of the most complex challenges facing an organization and is now a widespread phenomenon globally. Governments have worked on various domestic and international agreements to deal with bribery; however, each organization is required to implement an Anti-Bribery Management System (AMS) having its controls to ensure that laws are applied internally, establishing an


Main Objectives of ISO 38500 in the Organization

ISO 38500 is the international standard for good practices in Corporate Governance of Information Technology (IT). The standard is aimed at guaranteeing the elaboration and implementation of the company’s governance policies, diagnosing the organizational and structural changes required in the company, preparing the company to be able to react quickly and efficiently to changes in


What is Cryptography?

As we adopt Digital Technology in our organization, information security measures and controls become increasingly important. There is a lot of critical and confidential information that travels over the internet and is susceptible to any cyberattack. To prevent our data from being exposed in cyberspace, we must encode or encrypt it. Cryptography consists precisely in


What do I need to implement ISO 37001 in my organization?

Since each organization is different, the ways of dealing with bribery problems are also different. ISO 37001 requires the organization to establish an Anti-Bribery Policy. For this purpose, it is required to establish, document, implement, maintain and continually review, and where necessary improve, an Anti-Bribery Management System (ABMS). In this sense, Senior Management must designate


IT governance model according to ISO 38500.

The ISO 38500 standard focuses on promoting the effective, efficient and acceptable use of IT, assuring organizations that following these principles will help their managers consider the risks and foster opportunities arising from the use of IT. For this reason, it provides a principles-based management framework, as well as an IT governance model to support


Cybersecurity measures and controls for the organization.

Today, cybersecurity has become a more than relevant aspect in a scenario where the world is increasingly interconnected. Emerging digital technologies, devices, and services integrate economies around the world, and as the use and dependence on Information and Communication Technologies (ICTs) increase, so do the risks. In that sense, organizations must take into account the


The approach to anti-bribery management in organizations according to ISO 37001.

As previously mentioned, addressing the risk of bribery in an organization requires to set actions to help prevent and detect risks in different areas, circumstances or situations in which an organization operates. For this reason, ISO 37001 has become a powerful management tool for any kind of organization -or part thereof-, regardless of the type,


Knowing about ISO 38500, an international standard for the corporate governance of information technology.

Despite the fact that technology is a tool currently used by almost every company, incorporating information technology (IT) as an active component of the organization’s strategy is still a major challenge. As defined by the OECD, governance is the system whereby organizations are run and controlled. According to ISO/IEC 38500, corporate governance refers to the

Scroll to Top
Your subscription could not be saved. Please try again.
Your subscription has been successful.

Subscribe to our news

Subscribe to our newsletter and stay updated.

We use Sendinblue as our marketing platform. By Clicking below to submit this form, you acknowledge that the information you provided will be transferred to Sendinblue for processing in accordance with their terms of use