ISO 27001
ISO 27001:2022 – what has changed? The new guide
The new Annex A structure, 93 controls across 4 themes, and what the transition means for your ISMS.
Blog · Security · AI · Website development
Knowledge, insights & practical tips for secure digital growth
Read practical articles on ISO 27001, information security, website development, WordPress security, applications, AI chatbots, private AI models and secure digital transformation.
Information security
What does an auditor check during an ISO 27001 audit?
From context and risk analysis to the SoA, controls, internal audit and management review.
ISMS
What is an ISMS and how do you demonstrate that it works?
A clear explanation, a real-world example and how the PDCA cycle proves it genuinely works.
Privacy
GDPR and ISO 27001: how to combine them successfully
Discover the overlap, where they differ and how ISO 27701 makes privacy demonstrable on top of your ISMS.
Cyber Security
Cyber security baseline measures for organisations
From updates and MFA to backups, awareness and monitoring — the baseline set every organisation needs.
WordPress
WordPress security in 2025: key trends and measures
The key risks and measures: updates, plugins, hardening, backups and monitoring.
Website development
Having a professional website developed: what to look out for?
Consider speed, mobile-friendliness, SEO, security, conversion and maintenance when making your choice.
Application development
Developing a custom application: security from the ground up
Security by design: secure architecture, access management, data minimisation and secure code.
Hosting
Cloud & hosting security: a reliable foundation for your organisation
Secure configuration, patch management, backups, monitoring, encryption and shared responsibility.
Risk analysis
Risk analysis for information security: a practical approach
A step-by-step plan: scope, assets, threats, likelihood × impact and risk treatment — the foundation of ISO 27001.
AI for Business
AI chatbot for business: smarter customer contact and internal support
Answer customer questions, support employees and unlock company knowledge — with proper training and security.
Local AI & Private LLM
Local AI & private LLM: AI within your own environment
Run AI on your own server or private cloud, with more control over data and privacy.
LoRA / QLoRA Training
LoRA and QLoRA fine-tuning: tailoring AI to your company knowledge
Efficiently adapt existing AI models to your processes and terminology, without training from scratch.
AI for Business
Cloud AI or offline AI: which solution suits your organisation?
Cloud is fast and scalable, offline/local offers more control and privacy. Compare the options.
AI Security & Compliance
AI security for business: risks, policy and secure implementation
Manage new risks such as data breaches, prompt injection and unreliable output with policy and controls.
Website development
Website update or upgrade: when is it time to renew?
When is maintenance enough and when is an upgrade or redesign the smarter choice? The signals at a glance.
Audit types
Internal audit, gap analysis and certification audit: the difference
What is the difference, and when do you choose which? A clear explanation with a practical decision aid.
ISO 27001
Preparing for an ISO 27001 audit: a 7-step plan
From scope and risk analysis to internal audit and management review — become audit-ready step by step.
Comparison
Outsource the internal audit or do it yourself? A comparison
Cost, objectivity, time and chance of success side by side — plus what to look for when choosing an audit partner.
Standard explained
ISO 27001 chapters 4 to 10 explained
Context, leadership, planning, support, operation, evaluation and improvement — explained chapter by chapter.
Case
ISO/IEC 27001 certification successfully achieved with Secrotec
With Secrotec's guidance, Certe Assuradeuren achieved ISO/IEC 27001 certification.
News
Certe Assuradeuren named Best Service Provider 2025
Named Best Service Provider 2025 by Bureau DFO — recognition of quality and service.
No articles found for your search.
Want to know whether you are audit-ready?
Book a no-obligation audit scan and find out in a single conversation where you stand and what the next step is.
