Author Stuart Barker
When was the last time you checked your bank statements?
Whatever the time of year, it is always a good idea to check your bank statements and do a mini audit. Cyber criminals are very clever, and if your card is compromised they will post almost regular transactions on your card for small amounts. These small amounts are easy to miss. Surely I must have bought that coffee in that coffee shop? Or that fuel from that garage?
Remember: Check your bank statements for strange transactions.
It is easier for cyber criminals to steal £1 from 1 million bank accounts than to try to take 1 million from 1 account. Cyber crime increased to 5.1 million cases of online fraud last year, with an average of £1000 taken in each incident, which is an increase of 5%.
Why does it work?
People are ‘cash rich but time poor’ and the criminal plays on this in the hope that you won’t notice a small amount leaving your bank account each month.
When was the last time you checked your business?
Our business is the same: small errors over time can lead to catastrophic consequences. If these go unchecked, the result could be anything from your business going under to fines and court cases. That’s the scaremongering out of the way, but do consider a process of continual improvement as advocated by standards such as ISO 27001 and ISO 9001.
An ISO 27001 Audit
ISO 27001 is the International Standard for Information Security. Meeting the requirements of ISO 27001 certification, and indeed of Cyber Essentials certification, will require having an effective internal audit and a system of checking in place. Just as you check your statements above, in business you are checking your documents and looking out for things that are not right.
What ISO 27001 says about audit
ISO 27001 section 9.2 covers Internal Audit. It sets out that your business shall conduct internal audits at planned intervals to provide information on whether the information security management system conforms to the business’s own requirements for its information security management system. It also sets out to ensure that the requirements of this International Standard are effectively implemented and maintained. The ISO 27001 standard lays out that the business shall:
- plan, establish, implement and maintain an ISO 27001 audit programme(s), including the frequency, methods, responsibilities, planning requirements and reporting. The ISO 27001 audit programme(s) shall take into consideration the importance of the processes concerned and the results of previous audits;
- define the audit criteria and scope for each audit;
- select auditors and conduct audits that ensure objectivity and the impartiality of the audit process;
- ensure that the results of the audits are reported to relevant management; and
- retain documented information as evidence of the ISO 27001 audit programme(s) and the ISO 27001 audit results.